Address review comments

2026-01-30 14:52:57 +01:00 · 2020-05-14 02:29:26 -07:00
parent 804165c9ef
commit ee0f3c9fba
2 changed files with 6 additions and 2 deletions
--- a/ql/src/semmle/go/security/ReflectedXssCustomizations.qll
+++ b/ql/src/semmle/go/security/ReflectedXssCustomizations.qll
@@ -109,7 +109,11 @@ module ReflectedXss {
   */
  class EqualityTestGuard extends SanitizerGuard, DataFlow::EqualityTestNode {
    override predicate checks(Expr e, boolean outcome) {
-      e = this.getAnOperand().asExpr() and this.eq(outcome, _, _)
+      exists(DataFlow::Node const | const.isConst() |
+        const = this.getAnOperand() and
+        e = this.getAnOperand().asExpr() and
+        this.eq(outcome, _, _)
+      )
    }
  }
 }
--- a/ql/test/query-tests/Security/CWE-079/tst.go
+++ b/ql/test/query-tests/Security/CWE-079/tst.go
@@ -48,7 +48,7 @@ func serve8() {
 		if service != "service1" && service != "service2" {
 			fmt.Fprintln(w, "Service not found")
 		} else {
-			// OK: json data cannot cause an HTML content type to be detected
+			// OK, but caught: service is known to be either "service1" or "service2" here
 			w.Write([]byte(service))
 		}
 	})