
Commit 9780fcf

committed
fix ftp protocol regexp
1 parent 3f95710 commit 9780fcf

2 files changed

Lines changed: 3 additions & 1 deletion


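--- a/javascript/ql/src/semmle/javascript/security/dataflow/UnsecureDownloadCustomizations.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/UnsecureDownloadCustomizations.qll
@@ -34,7 +34,7 @@ module UnsecureDownload {
 class SensitiveFileUrl extends Source {
 SensitiveFileUrl() {
 exists(string str | str = this.getStringValue() |
-str.regexpMatch("http://.*|ftp://.'") and
+str.regexpMatch("http://.*|ftp://.*") and
 exists(string suffix | suffix = unsafeExtension() |
 str.suffix(str.length() - suffix.length() - 1).toLowerCase() = "." + suffix
 )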
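Review bot: The scheme test on the changed line is case-sensitive, so a string literal written as `HTTP://…` or `FTP://…` is still not treated as a SensitiveFileUrl, even though the extension comparison two lines below is lower-cased. URL schemes are case-insensitive, so the pattern could be `str.regexpMatch("(?i)(http|ftp)://.*")`. A one-line comment such as `// regexpMatch must match the whole string, hence the trailing .*` would also record why the stray `'` silently disabled the ftp branch. The SensitiveFileUrl class continues outside the hunk.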

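--- a/javascript/ql/test/query-tests/Security/CWE-829/unsecure-download.js
+++ b/javascript/ql/test/query-tests/Security/CWE-829/unsecure-download.js
@@ -37,4 +37,6 @@ function baz() {
 cp.exec("curl " + url, function () {}); // NOT OK
 
 cp.execFile("curl", [url], function () {}); // NOT OK
+
+nugget("ftp://example.org/unsafe.APK") // NOT OK
 }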
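Review bot: The new `nugget("ftp://example.org/unsafe.APK") // NOT OK` case adds an expected alert, but the commit lists only two changed files and neither appears to be an expected-results file for this query test, so the new alert may not be pinned yet. It is worth confirming that the expected output was regenerated in this or a follow-up change. A negative companion case, an `ftp://` URL whose extension is not in `unsafeExtension()` marked `// OK`, would also pin that the ftp branch still requires an unsafe extension. The body of `baz` starts outside the hunk.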
