codeql/docs/language/ql-training/query-examples/java/data-flow-java-1.ql
james 40be3bc8cf docs: rename ql-training-rst > ql-training
(cherry picked from commit 65573492e7)
2019-09-10 16:03:03 +01:00


import java
/**
 * An addition expression whose type is `String`, that is, a string
 * concatenation written with the `+` operator.
 *
 * Only this expression form is modelled: strings assembled by other means
 * (for example through a `StringBuilder`) are not members of this class.
 */
class StringConcat extends AddExpr {
  StringConcat() {
    // Restrict `AddExpr` to the additions that produce a `String`.
    this.getType() instanceof TypeString
  }
}
// Syntactic heuristic for SPARQL injection: report every call to a method
// whose name matches `sparql%Query` (`%` stands for any run of characters)
// when the first argument is itself a string concatenation.
//
// Limits to keep in mind when triaging results:
//  - no data flow is tracked, so a query string concatenated earlier and
//    passed through a variable is not reported;
//  - the concatenated operands are not inspected, so a concatenation made
//    only of constants is reported as well.
from MethodAccess call, Method target
where
  target = call.getMethod() and
  target.getName().matches("sparql%Query") and
  call.getArgument(0) instanceof StringConcat
select call, "SPARQL query vulnerable to injection."