hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 16:25:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Correct the name tag and change the placeholders in the query

Browse Source
This commit is contained in:
Bt2018
2020-05-14 08:13:21 -04:00
committed by GitHub
parent 9a7ab4ee32
commit 819a599e2c
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/experimental/CWE-939/IncorrectURLVerification.ql
View File

@@ -1,6 +1,6 @@
/**
* @id java/incorrect-url-verification
* @name Insertion of sensitive information into log files
* @name Incorrect URL verification
* @description Apps that rely on URL parsing to verify that a given URL is pointing to a trusted server are susceptible to wrong ways of URL parsing and verification.
* @kind problem
* @tags security
@@ -83,5 +83,5 @@ class HostVerificationMethodAccess extends MethodAccess {
from UriGetHostMethod um, MethodAccess uma, HostVerificationMethodAccess hma
where hma.getQualifier() = uma and uma.getMethod() = um
select "Potentially improper URL verification with $@ in $@ having $@.", hma, hma.getFile(),
select "Potentially improper URL verification at ", hma, "having $@ ", hma.getFile(),
hma.getArgument(0), "user-provided value"