Apply suggestions from code review

Base type of EscapingSanitizer

Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
Asger F
2020-05-18 09:31:09 +01:00
committed by GitHub
parent ffb22c061a
commit f52c827966


@@ -74,10 +74,10 @@ private module MySql {
}
/** A call to the `escape` or `escapeId` method that performs SQL sanitization. */
class EscapingSanitizer extends SQL::SqlSanitizer, @callexpr {
class EscapingSanitizer extends SQL::SqlSanitizer, MethodCallExpr {
EscapingSanitizer() {
this = [mysql(), pool(), connection()].getAMemberCall(["escape", "escapeId"]).asExpr() and
input = this.(MethodCallExpr).getArgument(0) and
this = [mysql(), pool(), connection()].getAMethodCall(["escape", "escapeId"]).asExpr() and
input = this.getArgument(0) and
output = this
}
}
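Review bot: The move to `getAMethodCall` with a `MethodCallExpr` base type in `EscapingSanitizer` narrows the sanitizer to syntactic `x.escape(...)` / `x.escapeId(...)` calls. This reads the second line of each duplicated pair as the new side, because the +/- markers are lost on this page. If `getAMemberCall` previously also matched calls through an extracted reference, such as `const { escape } = require('mysql'); escape(v)`, those calls are no longer treated as sanitizers and flows through them will be reported. That errs in the safe direction, but it can add false positives, so it is worth extending the doc comment with `Calls through an aliased or destructured reference are not matched.` A test case for the destructured form would pin the behaviour.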