hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Typos and rewording

Browse Source 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
This commit is contained in:
Edward Minnix III
2023-03-30 10:59:12 -04:00
committed by GitHub
parent 58ad8e4292
commit 8250e4393c
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/lib/change-notes/2023-03-29-moved-configurations-for-queries.md
View File

@@ -3,7 +3,7 @@ category: minorAnalysis
---
* Added the `TaintedPathQuery.qll` library to provide the `TaintedPathFlow` and `TaintedPathLocalFlow` taint-tracking modules to reason about tainted path vulnerabilities.
* Added the `ZipSlipQuery.qll` library to provide the `ZipSlipFlow` taint-tracking module to reason about zip-slip vulnerabilities.
* Added the `InsecureBeanValidationQuery.qll` library to provide the `BeanValidationFlow` taint-tracking module to reason about bean validation vulnerabilities.
* Added the `InsecureBeanValidationQuery.qll` library to provide the `BeanValidationFlow` taint-tracking module to reason about bean validation vulnerabilities.
* Added the `XssQuery.qll` library to provide the `XssFlow` taint-tracking module to reason about cross site scripting vulnerabilities.
* Added the `LdapInjectionQuery.qll` library to provide the `LdapInjectionFlow` taint-tracking module to reason about LDAP injection vulnerabilities.
* Added the `ResponseSplittingQuery.qll` library to provide the `ResponseSplittingFlow` taint-tracking module to reason about response splitting vulnerabilities.

2
java/ql/lib/semmle/code/java/security/InsecureBeanValidationQuery.qll
View File

@@ -6,7 +6,7 @@ import semmle.code.java.dataflow.FlowSources
private import semmle.code.java.dataflow.ExternalFlow
/**
* A message interpolator Type that perform Expression Language (EL) evaluations
* A message interpolator Type that perform Expression Language (EL) evaluations.
*/
class ELMessageInterpolatorType extends RefType {
ELMessageInterpolatorType() {

4
java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll
View File

@@ -77,7 +77,7 @@ module TaintedPathConfig implements DataFlow::ConfigSig {
module TaintedPathFlow = TaintTracking::Global<TaintedPathConfig>;
/**
* A taint-tracking configuration for tracking flow from user input to the creation of a path.
* A taint-tracking configuration for tracking flow from local user input to the creation of a path.
*/
module TaintedPathLocalConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
@@ -100,5 +100,5 @@ module TaintedPathLocalConfig implements DataFlow::ConfigSig {
}
}
/** Tracks flow from user input to the creation of a path. */
/** Tracks flow from local user input to the creation of a path. */
module TaintedPathLocalFlow = TaintTracking::Global<TaintedPathLocalConfig>;