codeql query format --in-place

2026-05-05 13:45:19 +02:00 · 2021-09-17 17:53:01 -03:00
parent 9ec35a0f99
commit 746ce630f4
3 changed files with 10 additions and 8 deletions
--- a/ql/src/experimental/CWE-918/SSRF.ql
+++ b/ql/src/experimental/CWE-918/SSRF.ql
@@ -13,8 +13,8 @@ import SSRF
 import DataFlow::PathGraph

 from
-  ServerSideRequestForgery::Configuration cfg, DataFlow::PathNode source,
-  DataFlow::PathNode sink, DataFlow::Node request
+  ServerSideRequestForgery::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink,
+  DataFlow::Node request
 where
  cfg.hasFlowPath(source, sink) and
  request = sink.getNode().(ServerSideRequestForgery::Sink).getARequest()
--- a/ql/src/experimental/CWE-918/SSRF.qll
+++ b/ql/src/experimental/CWE-918/SSRF.qll
@@ -137,7 +137,7 @@ module ServerSideRequestForgery {
    DataFlow::Node url;

    EqualityAsSanitizerGuard() {
-      exists(this.getAnOperand().getStringValue()) and 
+      exists(this.getAnOperand().getStringValue()) and
      url = this.getAnOperand()
    }

@@ -161,12 +161,12 @@ module ServerSideRequestForgery {
   * the binding function to run some validations for that field. If these binding functions returns
   * no error, then we consider these fields safe for SSRF.
   */
-  class BodySanitizer extends Sanitizer, BodyTagSanitizer {}
+  class BodySanitizer extends Sanitizer, BodyTagSanitizer { }

  /**
-   * The method Var of package validator is a sanitizer guard only if the check 
+   * The method Var of package validator is a sanitizer guard only if the check
   * of the error binding exists, and the tag to check is one of "alpha", "alphanum", "alphaunicode", "alphanumunicode", "number", "numeric".
   */
-  class ValidatorAsSanitizer extends SanitizerGuard, ValidatorVarCheck {}
+  class ValidatorAsSanitizer extends SanitizerGuard, ValidatorVarCheck { }
  //#endregion
 }
--- a/ql/src/experimental/CWE-918/validator.qll
+++ b/ql/src/experimental/CWE-918/validator.qll
@@ -88,8 +88,10 @@ private class BindErrorCheck extends DataFlow::BarrierGuard, DataFlow::EqualityT
        bindFunction
            .(Method)
            .hasQualifiedName("github.com/gin-gonic/gin", "Context",
-              ["BindJSON", "MustBindWith", "BindWith", "Bind", "ShouldBind", "ShouldBindBodyWith",
-                  "ShouldBindJSON", "ShouldBindWith"]) and
+              [
+                "BindJSON", "MustBindWith", "BindWith", "Bind", "ShouldBind", "ShouldBindBodyWith",
+                "ShouldBindJSON", "ShouldBindWith"
+              ]) and
        safeKey = "binding"
        or
        //Validator Struct