hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

make the alert messages of taint-tracking queries more consistent

Browse Source
This commit is contained in:
erik-krogh
2022-09-02 22:50:59 +02:00
parent 1fe9b3f4bd
commit aa56ca37ae
69 changed files with 783 additions and 785 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/src/Security/CWE-134/TaintedFormatString.ql
View File

@@ -16,5 +16,5 @@ import DataFlow::PathGraph
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "$@ flows to here and is used in a format string.",
source.getNode(), "User-provided value"
select sink.getNode(), source, sink, "Format string depends on $@.", source.getNode(),
"a user-provided value"