C#: Address review comments

hvitved · hvitved · commit 508b09f565fa · 2019-11-04T13:43:39.000+01:00
diff --git a/change-notes/1.23/analysis-csharp.md b/change-notes/1.23/analysis-csharp.md
@@ -9,9 +9,9 @@ The following changes in version 1.23 affect C# analysis in all applications.
 | **Query**                   | **Tags**  | **Purpose**                                                        |
 |-----------------------------|-----------|--------------------------------------------------------------------|
 | Deserialized delegate (`cs/deserialized-delegate`) | security, external/cwe/cwe-502 | Finds unsafe deserialization of delegate types. |
-| Deserialization of untrusted data (`cs/unsafe-deserialization-untrusted-input`) | security | Finds flow of untrusted input to calls to unsafe deserializers. |
+| Deserialization of untrusted data (`cs/unsafe-deserialization-untrusted-input`) | security, external/cwe/cwe-502 | Finds flow of untrusted input to calls to unsafe deserializers. |
 | Unsafe year argument for 'DateTime' constructor (`cs/unsafe-year-construction`) | reliability, date-time | Finds incorrect manipulation of `DateTime` values, which could lead to invalid dates. |
-| Unsafe deserializer (`cs/unsafe-deserialization`) | security | Finds calls to unsafe deserializers. |
+| Unsafe deserializer (`cs/unsafe-deserialization`) | security, external/cwe/cwe-502 | Finds calls to unsafe deserializers. |
 | Mishandling the Japanese era start date (`cs/mishandling-japanese-era`) | reliability, date-time | Finds hard-coded Japanese era start dates that could be invalid. |
 
 ## Changes to existing queries
diff --git a/csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp b/csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
@@ -5,7 +5,7 @@
 <overview>
 
 <p>Deserializing an object from untrusted input may result in security problems, such
-as denial-of-service or remote code execution.</p>
+as denial of service or remote code execution.</p>
 
 </overview>
 <recommendation>
diff --git a/csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp b/csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
@@ -5,7 +5,7 @@
 <overview>
 
 <p>Deserializing an object from untrusted input may result in security problems, such
-as denial-of-service or remote code execution.</p>
+as denial of service or remote code execution.</p>
 
 </overview>
 <recommendation>
