зеркало из https://github.com/github/codeql.git
Add support for log injection in MaD
This commit is contained in:
Родитель
40eab180cc
Коммит
4529d8b75a
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
category: minorAnalysis
|
||||||
|
---
|
||||||
|
* Added support for Model as Data for Log-injection query
|
|
@ -66,3 +66,7 @@ class HtmlSanitizer extends Sanitizer instanceof HtmlSanitizerCall { }
|
||||||
class JsonStringifySanitizer extends Sanitizer {
|
class JsonStringifySanitizer extends Sanitizer {
|
||||||
JsonStringifySanitizer() { this = any(JsonStringifyCall c).getOutput() }
|
JsonStringifySanitizer() { this = any(JsonStringifyCall c).getOutput() }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private class SinkFromModel extends Sink {
|
||||||
|
SinkFromModel() { this = ModelOutput::getASinkNode("log-injection").asSink() }
|
||||||
|
}
|
||||||
|
|
Загрузка…
Ссылка в новой задаче