Update java/ql/src/semmle/code/java/frameworks/Jackson.qll

aschackmull · web-flow · commit 6c973b59ac7a · 2021-08-02T10:16:42.000+02:00
diff --git a/java/ql/src/semmle/code/java/frameworks/Jackson.qll b/java/ql/src/semmle/code/java/frameworks/Jackson.qll
@@ -156,7 +156,7 @@ predicate hasArgumentWithUnsafeJacksonAnnotation(MethodAccess call) {
 
 /**
  * Holds if `fromNode` to `toNode` is a dataflow step that looks like resolving a class.
- * A method probably resolves a class if takes a string, returns a type descriptor,
+ * A method probably resolves a class if it takes a string, returns a type descriptor,
  * and its name contains "resolve", "load", etc.
  *
  * Any method call that satisfies the rule above is assumed to propagate taint from its string arguments,

Original file line number	Diff line number	Diff line change
`@@ -156,7 +156,7 @@ predicate hasArgumentWithUnsafeJacksonAnnotation(MethodAccess call) {`
`156`	`156`
`157`	`157`	`/**`
`158`	`158`	* Holds if `fromNode` to `toNode` is a dataflow step that looks like resolving a class.
`159`		`- * A method probably resolves a class if takes a string, returns a type descriptor,`
	`159`	`+ * A method probably resolves a class if it takes a string, returns a type descriptor,`
`160`	`160`	`* and its name contains "resolve", "load", etc.`
`161`	`161`	`*`
`162`	`162`	`* Any method call that satisfies the rule above is assumed to propagate taint from its string arguments,`