hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Fix import

Browse Source
This commit is contained in:
Harry Maclean
2022-07-28 15:27:27 +12:00
parent b7d9bf4066
commit ab6287aebd
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ruby/ql/src/queries/security/cwe-116/IncompleteMultiCharacterSanitization.ql
View File

@@ -17,8 +17,11 @@ import ruby
import codeql.ruby.frameworks.core.String
import codeql.ruby.DataFlow
import codeql.ruby.security.IncompleteMultiCharacterSanitizationQuery
import codeql.ruby.security.IncompleteMultiCharacterSanitizationSpecific as Specific
from StringSubstitutionCall replace, EmptyReplaceRegExpTerm dangerous, string prefix, string kind
from
StringSubstitutionCall replace, Specific::EmptyReplaceRegExpTerm dangerous, string prefix,
string kind
where hasResult(replace, dangerous, prefix, kind)
select replace, "This string may still contain $@, which may cause a " + kind + " vulnerability.",
dangerous, prefix