File tree Expand file tree Collapse file tree 1 file changed +8
-6
lines changed
ruby/ql/lib/codeql/ruby/security Expand file tree Collapse file tree 1 file changed +8
-6
lines changed Original file line number Diff line number Diff line change @@ -64,11 +64,12 @@ module UnsafeCodeConstruction {
6464 */
6565 class StringFormatAsSink extends Sink {
6666 Concepts:: CodeExecution s ;
67- Ast:: StringLiteral lit ;
6867
6968 StringFormatAsSink ( ) {
70- any ( DataFlow:: Node n | n .asExpr ( ) .getExpr ( ) = lit ) = getANodeExecutedAsCode ( s ) and
71- this .asExpr ( ) .getExpr ( ) = lit .getComponent ( _)
69+ exists ( Ast:: StringLiteral lit |
70+ any ( DataFlow:: Node n | n .asExpr ( ) .getExpr ( ) = lit ) = getANodeExecutedAsCode ( s ) and
71+ this .asExpr ( ) .getExpr ( ) = lit .getComponent ( _)
72+ )
7273 }
7374
7475 override DataFlow:: Node getCodeSink ( ) { result = s }
@@ -84,11 +85,12 @@ module UnsafeCodeConstruction {
8485 */
8586 class TaintedFormatStringAsSink extends Sink {
8687 Concepts:: CodeExecution s ;
87- TaintedFormat:: PrintfStyleCall call ;
8888
8989 TaintedFormatStringAsSink ( ) {
90- call = getANodeExecutedAsCode ( s ) and
91- this = [ call .getFormatArgument ( _) , call .getFormatString ( ) ]
90+ exists ( TaintedFormat:: PrintfStyleCall call |
91+ call = getANodeExecutedAsCode ( s ) and
92+ this = [ call .getFormatArgument ( _) , call .getFormatString ( ) ]
93+ )
9294 }
9395
9496 override DataFlow:: Node getCodeSink ( ) { result = s }
You can’t perform that action at this time.
0 commit comments