import java
import semmle.code.java.dataflow.DataFlow::DataFlow
// Flags calls whose first argument is reached, by local data flow, from a
// string concatenation, where the callee's name fits the "sparql...Query"
// pattern. The check is a heuristic:
//   * the callee is selected by name only, so an unrelated method with a
//     matching name is reported and a SPARQL API with another name is not;
//   * any concatenation counts, whether or not its operands are untrusted;
//   * localFlow stays inside one callable, so a query string assembled in a
//     different method and passed in is not reported.
// Each result is a call site to review, not a confirmed injection.
from MethodAccess call, StringConcat concat
where
  // Reflexive-transitive local flow: the concatenation may be the argument
  // itself or may reach it through local variables.
  localFlow(exprNode(concat), exprNode(call.getArgument(0))) and
  // In matches(), '%' stands for any run of characters.
  exists(string calleeName |
    calleeName = call.getMethod().getName() and
    calleeName.matches("sparql%Query")
  )
select call, "SPARQL query vulnerable to injection."