hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 16:25:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
This commit is contained in:
Max Schaefer
2023-11-21 10:07:11 +00:00
committed by GitHub
parent d147faba4e
commit dfffa1e237
3 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/examples/TaintedPath.js
View File

@@ -7,6 +7,6 @@ const ROOT = "/var/www/";
var server = http.createServer(function(req, res) {
let filePath = url.parse(req.url, true).query.path;
// BAD: This could read any file on the file system
// BAD: This function uses unsanitized input that can read any file on the file system.
res.write(fs.readFileSync(ROOT + filePath, 'utf8'));
});