Generalize QueryInjectionSink

Extends from the more general DataFlow::Node instead of DataFlow::ExprNode
2025-12-24 04:36:35 +01:00 · 2020-07-09 12:32:17 +02:00
parent c01844a39e
commit 9a84abf259
2 changed files with 5 additions and 5 deletions
--- a/java/ql/src/Security/CWE/CWE-089/SqlUnescaped.ql
+++ b/java/ql/src/Security/CWE/CWE-089/SqlUnescaped.ql
@@ -40,7 +40,7 @@ class UncontrolledStringBuilderSourceFlowConfig extends TaintTracking::Configura
 from QueryInjectionSink query, Expr uncontrolled
 where
  (
-    builtFromUncontrolledConcat(query.getExpr(), uncontrolled)
+    builtFromUncontrolledConcat(query.asExpr(), uncontrolled)
    or
    exists(StringBuilderVar sbv, UncontrolledStringBuilderSourceFlowConfig conf |
      uncontrolledStringBuilderQuery(sbv, uncontrolled) and