Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql

aydinnyunus · owen-mc · web-flow · commit 74f1344ac575 · 2023-11-15T15:08:14.000+03:00
Co-authored-by: Owen Mansel-Chan &lt;62447351+owen-mc@users.noreply.github.com&gt;
diff --git a/go/ql/src/experimental/CWE-525/WebCacheDeception.ql b/go/ql/src/experimental/CWE-525/WebCacheDeception.ql
@@ -18,7 +18,7 @@ from
 where
   httpHandleFuncCall.getTarget().hasQualifiedName("net/http", "HandleFunc") and
   httpHandleFuncCall.getNumArgument() > 1 and
-  httpHandleFuncCall.getArgument(0).getType().toString() = "string" and
+  httpHandleFuncCall.getArgument(0).getType().getUnderlyingType() = StringType and
   httpHandleFuncCall.getArgument(0).toString().matches("%/\"") and
   // Trace the second argument's data flow to its predecessor
   predecessor = httpHandleFuncCall.getArgument(1).getAPredecessor() and
