Small fixes based on feedback

raulgarciamsft · raulgarciamsft · commit 9d7d6b39cb0b · 2020-07-20T11:14:59.000-07:00
diff --git a/csharp/ql/src/experimental/Security Features/Serialization/DataSetSerialization.qll b/csharp/ql/src/experimental/Security Features/Serialization/DataSetSerialization.qll
@@ -79,7 +79,7 @@ class UnsafeXmlSerializerImplementation extends SerializableClass {
 }
 
 /**
- * Method that may be unsafe when used to serialize DataSet and DataTable related types
+ * Method that may be unsafe when used to deserialize DataSet and DataTable related types
  */
 class UnsafeXmlReadMethod extends Method {
   UnsafeXmlReadMethod() {
@@ -91,8 +91,7 @@ class UnsafeXmlReadMethod extends Method {
       this.getName().matches("ReadXml%") and
       exists( Class c |
         c.getAMethod() = this |
-        c.getABaseType*() instanceof DataSetOrTableRelatedClass or
-        c.getABaseType*() instanceof DataSetOrTableRelatedClass
+        c.getABaseType*() instanceof DataSetOrTableRelatedClass 
       )
     )
   }

Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,7 @@ class UnsafeXmlSerializerImplementation extends SerializableClass {`
`79`	`79`	`}`
`80`	`80`
`81`	`81`	`/**`
`82`		`- * Method that may be unsafe when used to serialize DataSet and DataTable related types`
	`82`	`+ * Method that may be unsafe when used to deserialize DataSet and DataTable related types`
`83`	`83`	`*/`
`84`	`84`	`class UnsafeXmlReadMethod extends Method {`
`85`	`85`	`UnsafeXmlReadMethod() {`
`@@ -91,8 +91,7 @@ class UnsafeXmlReadMethod extends Method {`
`91`	`91`	`this.getName().matches("ReadXml%") and`
`92`	`92`	`exists( Class c \|`
`93`	`93`	`c.getAMethod() = this \|`
`94`		`- c.getABaseType*() instanceof DataSetOrTableRelatedClass or`
`95`		`- c.getABaseType*() instanceof DataSetOrTableRelatedClass`
	`94`	`+ c.getABaseType*() instanceof DataSetOrTableRelatedClass`
`96`	`95`	`)`
`97`	`96`	`)`
`98`	`97`	`}`