hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 06:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add alternative package locations

Browse Source
This commit is contained in:
Owen Mansel-Chan
2020-09-09 14:04:02 +01:00
parent baf048f293
commit 95c1f754c6
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ql/src/semmle/go/frameworks/SQL.qll
View File

@@ -161,12 +161,13 @@ module SQL {
}
}
/** A model for sinks of github.com/jinzhu/gorm. */
/** A model for sinks of GORM. */
private class GormSink extends SQL::QueryString::Range {
GormSink() {
exists(Method meth, string name |
meth.hasQualifiedName("github.com/jinzhu/gorm", "DB", name) and
exists(Method meth, string package, string name |
meth.hasQualifiedName(package, "DB", name) and
this = meth.getACall().getArgument(0) and
package in ["github.com/jinzhu/gorm", "github.com/go-gorm/gorm", "gorm.io/gorm"] and
name in ["Where", "Raw", "Order", "Not", "Or", "Select", "Table", "Group", "Having", "Joins"]
)
}