Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 3affa6c

Browse files
RasmusWLRasmusWL
committed
Python: Annotate xmltodict tests
1 parent 6129193 commit 3affa6c

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

  • python/ql/test/experimental/query-tests/Security/CWE-611

python/ql/test/experimental/query-tests/Security/CWE-611/xml_to_dict.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,10 +8,10 @@
88
def xmltodict_parse():
99
xml_content = request.args['xml_content']
1010

11-
return xmltodict.parse(xml_content)
11+
return xmltodict.parse(xml_content) # OK
1212

1313
@app.route("/xmltodict.parse2")
1414
def xmltodict_parse2():
1515
xml_content = request.args['xml_content']
1616

17-
return xmltodict.parse(xml_content, disable_entities=False)
17+
return xmltodict.parse(xml_content, disable_entities=False) # NOT OK for billion laughs/quadratic

0 commit comments

Comments
 (0)