Ruby: Add new test case for rb/code-injection

alexrford · alexrford · commit 4a39e4aac0ea · 2022-10-09T22:26:29.000+01:00
diff --git a/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.rb b/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.rb
@@ -37,8 +37,8 @@ def create
     # BAD
     eval(Regexp.escape(code))
 
-
-
+    # BAD
+    ActiveJob::Serializers.deserialize(code)
   end
 
   def update
