Update javascript/ql/src/experimental/Security/CWE-117/LogInjection.qll

dellalibera · esbena · web-flow · commit a759905a5cf1 · 2020-06-22T20:37:38.000+02:00
Co-authored-by: Esben Sparre Andreasen &lt;esbena@github.com&gt;
diff --git a/javascript/ql/src/experimental/Security/CWE-117/LogInjection.qll b/javascript/ql/src/experimental/Security/CWE-117/LogInjection.qll
@@ -88,10 +88,8 @@ module LogInjection {
    */
   class StringReplaceSanitizer extends Sanitizer {
     StringReplaceSanitizer() {
-      exists(StringReplaceCall replace, string s |
-        replace.replaces(s, "") and s.regexpMatch("\\n")
-      |
-        this = replace
+      exists(string s |
+        this.(StringReplaceCall).replaces(s, "") and s.regexpMatch("\\n")
       )
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -88,10 +88,8 @@ module LogInjection {`
`88`	`88`	`*/`
`89`	`89`	`class StringReplaceSanitizer extends Sanitizer {`
`90`	`90`	`StringReplaceSanitizer() {`
`91`		`- exists(StringReplaceCall replace, string s \|`
`92`		`- replace.replaces(s, "") and s.regexpMatch("\\n")`
`93`		`- \|`
`94`		`- this = replace`
	`91`	`+ exists(string s \|`
	`92`	`+ this.(StringReplaceCall).replaces(s, "") and s.regexpMatch("\\n")`
`95`	`93`	`)`
`96`	`94`	`}`
`97`	`95`	`}`