hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

update rb/code-injection to match python

Browse Source
This commit is contained in:
erik-krogh
2022-08-11 22:37:57 +02:00
parent 60908de089
commit 778879908e
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ruby/ql/src/queries/security/cwe-094/CodeInjection.ql
View File

@@ -22,5 +22,5 @@ from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink, S
where
config.hasFlowPath(source, sink) and
sourceNode = source.getNode()
select sink.getNode(), source, sink, "This code execution depends on $@.", sourceNode,
"a user-provided value"
select sink.getNode(), source, sink, "$@ flows to here and is interpreted as code.",
source.getNode(), "User-provided value"