hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 22:44:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

Small fixes based on feedback

Browse Source
This commit is contained in:
Raul Garcia (MSFT)
2020-07-20 11:14:59 -07:00
parent 5387294168
commit 9d7d6b39cb
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
csharp/ql/src/experimental/Security Features/Serialization/DataSetSerialization.qll
View File

@@ -79,7 +79,7 @@ class UnsafeXmlSerializerImplementation extends SerializableClass {
}
/**
* Method that may be unsafe when used to serialize DataSet and DataTable related types
* Method that may be unsafe when used to deserialize DataSet and DataTable related types
*/
class UnsafeXmlReadMethod extends Method {
UnsafeXmlReadMethod() {
@@ -91,8 +91,7 @@ class UnsafeXmlReadMethod extends Method {
this.getName().matches("ReadXml%") and
exists( Class c |
c.getAMethod() = this |
c.getABaseType*() instanceof DataSetOrTableRelatedClass or
c.getABaseType*() instanceof DataSetOrTableRelatedClass
c.getABaseType*() instanceof DataSetOrTableRelatedClass
)
)
}