hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 14:23:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Chris Smowton <smowton@github.com>
This commit is contained in:
Slavomir
2021-07-16 00:42:36 +03:00
committed by GitHub
parent 92e0f02d2a
commit e92738a93f
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ql/src/experimental/CWE-942/CorsMisconfiguration.ql
View File

@@ -122,11 +122,9 @@ class FlowsFromUntrusted extends TaintTracking::Configuration {
predicate isSink(DataFlow::Node sink, ControlFlow::ConditionGuardNode cgn) {
exists(IfStmt ifs |
exists(Expr child, Expr operand |
child = ifs.getCond().getAChildExpr*() and
operand = child and
exists(Expr operand |
operand = ifs.getCond().getAChildExpr*() and
(
//
exists(DataFlow::CallExpr call | call = operand |
call.getTarget().hasQualifiedName("strings", "HasSuffix") and
sink.asExpr() = call.getArgument(0)