Skip to content

Commit 8f00acd

Browse files
dellaliberaerik-krogh
dellalibera
and
erik-krogh
authored
Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
1 parent 78ebcee commit 8f00acd

File tree

1 file changed

+8
-1
lines changed
  • javascript/ql/src/experimental/Security/CWE-090

1 file changed

+8
-1
lines changed

javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,14 @@ module Ldapjs {
6565
* A distinguished name (DN) used in a Client API call against the LDAP server.
6666
*/
6767
class LdapjsDNArgument extends DataFlow::Node {
68-
LdapjsDNArgument() { this = any(LdapjsClientAPICall clientAPIcall).getArgument(0) }
68+
LdapjsClientAPICall queryCall;
69+
70+
LdapjsDNArgument() { this = queryCall.getArgument(0) }
71+
72+
/**
73+
* Gets the LDAP query call that this DN is used in.
74+
*/
75+
DataFlow::InvokeNode getQueryCall() { result = queryCall }
6976
}
7077

7178
/**

0 commit comments

Comments
 (0)