import semmle.code.java.security.SqlUnescapedLib
// Lists every (StringBuilder variable, expression) pair accepted by
// uncontrolledStringBuilderQuery, a predicate supplied by the imported
// SqlUnescapedLib. Its definition is not visible in this file; judging by the
// name it presumably flags a value that reaches a string-built SQL query
// without being controlled or escaped (confirm against the library).
// Both positions are reported as line offsets from the first line of the
// method enclosing `uncontrolled`, not as absolute line numbers.
from StringBuilderVar sbv, Expr uncontrolled, Method method, int methodLine
where
  uncontrolledStringBuilderQuery(sbv, uncontrolled) and
  // `method` is declared as Method, so a pair whose expression sits in a
  // constructor or any other non-Method callable produces no row at all.
  uncontrolled.getEnclosingCallable() = method and
  method.getLocation().getStartLine() = methodLine
select method.getName(),
  // Offset of the builder variable, measured from the method that encloses
  // `uncontrolled` (the query never looks up sbv's own enclosing callable).
  sbv.getLocation().getStartLine() - methodLine, sbv,
  // Offset of the flagged expression within the same method.
  uncontrolled.getLocation().getStartLine() - methodLine, uncontrolled