From 8974f252acd595df5fa46009b57c2a729504cbc3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alvaro=20Mun=CC=83oz?= Date: Tue, 27 Oct 2020 16:19:39 +0100 Subject: [PATCH] fix format and qlhelp errors blocking the merge --- .../ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp | 5 +++-- java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.ql | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp b/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp index 9e1ed63ec90..8ef851f08ad 100644 --- a/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp +++ b/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp @@ -2,17 +2,17 @@ "-//Semmle//qhelp//EN" "qhelp.dtd"> -

Bean validation custom constraint error messages support different types of interpolation, including Java EL expressions. -Controlling part of the message template being passed to `ConstraintValidatorContext.buildConstraintViolationWithTemplate()` +Controlling part of the message template being passed to ConstraintValidatorContext.buildConstraintViolationWithTemplate() argument will lead to arbitrary Java code execution. Unfortunately, it is common that validated (and therefore, normally untrusted) bean properties flow into the custom error message.

There are different approaches to remediate the issue:

+
  • Do not include validated bean properties in the custom error message.
  • Use parameterized messages instead of string concatenation. E.g:
  • ``` java @@ -32,6 +32,7 @@ Validator validator = Validation.byDefaultProvider() ```
  • Replace Hibernate-Validator with Apache BVal which in its latest version does not interpolate EL expressions by default. Note that this replacement may not be a simple drop-in replacement.
  • +
      diff --git a/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.ql b/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.ql index fdc4d985dd9..a9330ea7267 100644 --- a/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.ql +++ b/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.ql @@ -16,7 +16,8 @@ import DataFlow::PathGraph class BuildConstraintViolationWithTemplateMethod extends Method { BuildConstraintViolationWithTemplateMethod() { - this.getDeclaringType() + this + .getDeclaringType() .getASupertype*() .hasQualifiedName("javax.validation", "ConstraintValidatorContext") and this.hasName("buildConstraintViolationWithTemplate")
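Review bot: dropping the Markdown backticks around ConstraintValidatorContext.buildConstraintViolationWithTemplate() fixes the qhelp parse error, but the method name now renders as plain prose; qhelp supports the <code> element, so the line should read "passed to <code>ConstraintValidatorContext.buildConstraintViolationWithTemplate()</code>". The list item in the same file still carries a Markdown "``` java" fence, which qhelp does not render either; the Validator sample belongs in a <sample language="java"> element (or a <sample src="..."> file next to the qhelp). Two wording nits in the remediation list: "E.g:" reads better as "for example:", and the product is written "Hibernate Validator", not "Hibernate-Validator".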
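Review bot: splitting this.getDeclaringType() into "this" / ".getDeclaringType()" is the layout the CodeQL autoformatter produces for chained calls, so the style fix is correct; running the formatter over the .ql/.qll files before pushing would keep formatting from blocking a merge again. While this predicate is being touched: hasQualifiedName("javax.validation", "ConstraintValidatorContext") only matches the javax namespace, and Jakarta Bean Validation 3.0 moved the same API to jakarta.validation, so adding a second disjunct for "jakarta.validation" would keep the query from silently missing applications built on the newer package.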