Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit eb00da5

Browse files
erik-kroghasgerf
erik-krogh
and
asgerf
authored
improve readability
Co-authored-by: Asger F <[email protected]>
1 parent a7f6f04 commit eb00da5

3 files changed

Lines changed: 4 additions & 2 deletions

File tree

javascript/ql/src/Security/CWE-312/BuildArtifactLeak.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,5 +19,5 @@ import DataFlow::PathGraph
1919
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
2020
where cfg.hasFlowPath(source, sink)
2121
select sink.getNode(), source, sink,
22-
"Sensitive data returned by $@ is stored in build artifact here.", source.getNode(),
22+
"Sensitive data returned by $@ is stored in a build artifact here.", source.getNode(),
2323
source.getNode().(CleartextLogging::Source).describe()

javascript/ql/src/semmle/javascript/Arrays.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ module ArrayTaintTracking {
4040
succ = call
4141
)
4242
or
43-
// `arary.reduce` with tainted value in callback
43+
// `array.reduce` with tainted value in callback
4444
call.(DataFlow::MethodCallNode).getMethodName() = "reduce" and
4545
pred = call.getArgument(0).(DataFlow::FunctionNode).getAReturn() and // Require the argument to be a closure to avoid spurious call/return flow
4646
succ = call

javascript/ql/src/semmle/javascript/security/dataflow/CleartextLoggingCustomizations.qll

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -197,6 +197,8 @@ module CleartextLogging {
197197
)
198198
or
199199
// A property-copy step,
200+
// dst[x] = src[x]
201+
// dst[x] = JSON.stringify(src[x])
200202
exists(DataFlow::PropWrite write, DataFlow::PropRead read |
201203
read = write.getRhs()
202204
or

0 commit comments

Comments
 (0)