hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Modify Sanitizer

Browse Source
This commit is contained in:
haby0
2021-10-05 17:12:04 +08:00
parent 9b969e15fc
commit a17b0d4e5c
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql
View File

@@ -39,10 +39,9 @@ class ClientSuppliedIpUsedInSecurityCheckConfig extends TaintTracking::Configura
override predicate isSanitizer(DataFlow::Node node) {
exists(Subscript ss |
not ss.getIndex().(IntegerLiteral).getText() = "0" and
ss.getObject().(Call).getFunc().(Attribute).getName() = "split" and
ss.getObject().(Call).getArg(0).(StrConst).getText() = "," and
ss.getObject().(Call).getFunc().(Attribute).getObject() = node.asExpr()
ss.getObject().(Call).getAnArg().(StrConst).getText() = "," and
ss = node.asExpr()
)
}
}