hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Minor refactor - removed unused argument

Browse Source
This commit is contained in:
Owen Mansel-Chan
2025-04-24 16:30:36 +01:00
parent b90aba291e
commit 7f007e10c4
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
go/ql/src/Security/CWE-079/HTMLTemplateEscapingPassthrough.ql
View File

@@ -26,8 +26,8 @@ class UnescapedType extends Type {
/**
* Holds if the sink is a data value argument of a template execution call.
*/
predicate isSinkToTemplateExec(DataFlow::Node sink, DataFlow::CallNode call) {
exists(Method fn, string methodName |
predicate isSinkToTemplateExec(DataFlow::Node sink) {
exists(Method fn, string methodName, DataFlow::CallNode call |
fn.hasQualifiedName("html/template", "Template", methodName) and
call = fn.getACall()
|
@@ -69,7 +69,7 @@ module UntrustedToTemplateExecWithConversionConfig implements DataFlow::StateCon
}
predicate isSink(DataFlow::Node sink, FlowState state) {
state.isAfterConversion(_) and isSinkToTemplateExec(sink, _)
state.isAfterConversion(_) and isSinkToTemplateExec(sink)
}
predicate isBarrier(DataFlow::Node node) {