1 file changed, +5 -5 lines changed

ruby/ql/src/queries/security/cwe-116
@@ -56,11 +56,11 @@ predicate isBackslashEscape(StringSubstitutionCall sub) {
5656 ( exists ( sub .getPatternString ( ) ) or exists ( sub .getPatternRegExp ( ) .getRegExpTerm ( ) ) ) and
5757 (
5858 // Replacement with `\` followed by a backref such as `\&`, `\1`, etc. The
59- // call in Ruby will look something like `str.sub(/.../, '\\\\\0')`. That
60- // replacement string's value (i.e. after Ruby's unescaping) will be `\\\0`.
61- // To account for the backslash escaping in both QL's string syntax and its
62- // regexp engine, each of those three backslashes becomes `\\\\` in the
63- // following:
59+ // replacement argument to the substitution call will look like '\\\\\0',
60+ // '\\\\\\0', or "\\\\\\0". Those examples all have the same string value
61+ // (i.e. after Ruby's unescaping) of `\\\0`. Then, to account for the
62+ // backslash escaping in both QL's string syntax and its regexp engine, each
63+ // of those three backslashes becomes `\\\\` in the following:
6464 sub .getReplacementString ( ) .regexpMatch ( "\\\\\\\\\\\\(&|\\d)" )
6565 or
6666 // replacement of `c` with `\c`
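Review bot: the new comment's "etc." after `\&`, `\1` is broader than what the unchanged regexp on the line below it actually accepts, which is exactly three backslashes followed by either `&` or a single `\d` digit. The escaping walkthrough itself checks out: `'\\\\\0'`, `'\\\\\\0'` and `"\\\\\\0"` all unescape to `\\\0` in Ruby, and `"\\\\\\\\\\\\(&|\\d)"` is six backslashes after QL string unescaping, i.e. three literal backslashes to the regexp engine. Since the comment is being reworded anyway, state the matched set precisely rather than with "etc.", e.g. "a backref `\&` or a single-digit `\1`..`\9`", so a reader does not assume other backslash sequences are covered by this branch. Also consider using backticks for the three replacement-argument examples, as the resulting value `\\\0` does, so the quote characters are read as Ruby syntax rather than prose quoting.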