hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactor PermissiveDotRegex.ql

Browse Source
This commit is contained in:
Ed Minnix
2023-04-12 20:37:01 -04:00
parent 5164c2480f
commit c49bf01dc8
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegex.ql
View File

@@ -14,10 +14,10 @@
import java
import semmle.code.java.dataflow.FlowSources
import DataFlow::PathGraph
import MatchRegexFlow::PathGraph
import PermissiveDotRegexQuery
from DataFlow::PathNode source, DataFlow::PathNode sink, MatchRegexConfiguration conf
where conf.hasFlowPath(source, sink)
from MatchRegexFlow::PathNode source, MatchRegexFlow::PathNode sink
where MatchRegexFlow::flowPath(source, sink)
select sink.getNode(), source, sink, "Potentially authentication bypass due to $@.",
source.getNode(), "user-provided value"