Skip to content

Commit d016ba2

Browse files
committed
rename name dataflow configuration in js/template-object-injection
1 parent a5bde53 commit d016ba2

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

javascript/ql/src/experimental/Security/CWE-073/TemplateObjectInjection.ql

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,8 +18,8 @@ predicate isUsingHbsEngine() {
1818
Express::appCreation().getAMethodCall("set").getArgument(1).mayHaveStringValue("hbs")
1919
}
2020

21-
class HbsLFRTaint extends TaintTracking::Configuration {
22-
HbsLFRTaint() { this = "HbsLFRTaint" }
21+
class TemplateObjInjectionConfig extends TaintTracking::Configuration {
22+
TemplateObjInjectionConfig() { this = "TemplateObjInjectionConfig" }
2323

2424
override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
2525

@@ -48,7 +48,7 @@ class HbsLFRTaint extends TaintTracking::Configuration {
4848
}
4949
}
5050

51-
from HbsLFRTaint cfg, DataFlow::PathNode source, DataFlow::PathNode sink
51+
from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
5252
where cfg.hasFlowPath(source, sink)
5353
select sink.getNode(), source, sink, "Template object injection due to $@.", source.getNode(),
5454
"user-provided value"

0 commit comments

Comments
 (0)