Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql

Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
Yunus AYDIN
2023-11-15 15:08:29 +03:00
committed by GitHub
parent 74f1344ac5
commit fa1fa0d19d


@@ -19,7 +19,7 @@ where
httpHandleFuncCall.getTarget().hasQualifiedName("net/http", "HandleFunc") and
httpHandleFuncCall.getNumArgument() > 1 and
httpHandleFuncCall.getArgument(0).getType().getUnderlyingType() = StringType and
httpHandleFuncCall.getArgument(0).toString().matches("%/\"") and
httpHandleFuncCall.getArgument(0).getStringValue().matches("%/\"") and
// Trace the second argument's data flow to its predecessor
predecessor = httpHandleFuncCall.getArgument(1).getAPredecessor() and
// Find the corresponding expression for the predecessor
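Review bot: The pattern on the `getStringValue()` line still ends in an escaped quote, which only made sense while the check ran on `toString()` output that carries the literal's surrounding quotes. `getStringValue()` yields the constant's value without quotes, so `matches("%/\"")` requires a route that literally ends in `/"`. A handler registered on a trailing-slash path such as `/app/` (constructed example) would most likely no longer be reported, leaving the query with silent false negatives. Assuming that line is the new side (the page has lost its +/- markers), it should read `httpHandleFuncCall.getArgument(0).getStringValue().matches("%/")`. The `where` clause starts and continues outside this hunk, so the remaining conditions were not reviewed.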