hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 11:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.java

Browse Source 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
This commit is contained in:
Tony Torralba
2021-05-03 09:10:45 +02:00
parent 00a7576679
commit 926fedb7fb
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.java
View File

@@ -133,7 +133,7 @@ public class XPathInjectionTest {
new DefaultXPath("/users/user[@name='" + user + "' and @pass='" + pass + "']"); // $hasXPathInjection
new XPathPattern("/users/user[@name='" + user + "' and @pass='" + pass + "']"); // $hasXPathInjection
new XPathPattern(new PatternStub(user)); // Safe
new XPathPattern(new PatternStub(user)); // Jaxen is not modeled yet
DocumentFactory docFactory = DocumentFactory.getInstance();
docFactory.createPattern("/users/user[@name='" + user + "' and @pass='" + pass + "']"); // $hasXPathInjection
@@ -155,4 +155,4 @@ public class XPathInjectionTest {
namespace.createPattern("/users/user[@name='" + user + "' and @pass='" + pass + "']"); // $hasXPathInjection
namespace.createXPathFilter("/users/user[@name='" + user + "' and @pass='" + pass + "']"); // $hasXPathInjection
}
}
}