hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
7c21ebb526288f1377c4321ea93ae3b0535b51a1
codeql/docs/language/ql-training/query-examples/java/data-flow-java-1.ql
james 65573492e7 docs: rename ql-training-rst > ql-training
2019-09-05 08:40:36 +01:00

11 lines
282 B
Plaintext
Raw Blame History

import java
class StringConcat extends AddExpr {
StringConcat() { getType() instanceof TypeString }
}
from MethodAccess ma
where
ma.getMethod().getName().matches("sparql%Query") and
ma.getArgument(0) instanceof StringConcat
select ma, "SPARQL query vulnerable to injection."
Reference in New Issue View Git Blame Copy Permalink