Skip to content

Commit c7c46ea

Browse files
erik-krogherik-krogh
committed
update test comments to be consistent
1 parent 550c578 commit c7c46ea

File tree

1 file changed

+2
-2
lines changed
  • javascript/ql/test/query-tests/Security/CWE-022/TaintedPath

1 file changed

+2
-2
lines changed

javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,11 +36,11 @@ var server = http.createServer(function(req, res) {
3636
res.write(fs.readFileSync(path)); // GOOD: Path is sanitized
3737

3838
path = url.parse(req.url, true).query.path;
39-
// BAD: taint is preserved [INCONSISTENCY]
39+
// GOOD: basename is safe
4040
res.write(fs.readFileSync(pathModule.basename(path)));
4141
// BAD: taint is preserved
4242
res.write(fs.readFileSync(pathModule.dirname(path)));
43-
// BAD: taint is preserved [INCONSISTENCY]
43+
// GOOD: extname is safe
4444
res.write(fs.readFileSync(pathModule.extname(path)));
4545
// BAD: taint is preserved
4646
res.write(fs.readFileSync(pathModule.join(path)));

0 commit comments

Comments
 (0)