Skip to content

Commit

Permalink
Apply suggestions from code review
Browse files Browse the repository at this point in the history 
Co-authored-by: Ben Ahmady <[email protected]>
  • Loading branch information
@max-schaefer @subatoi
max-schaefer and subatoi authored Mar 22, 2024
1 parent bc9396e commit 034ed17
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions go/ql/src/Security/CWE-022/TaintedPath.qhelp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,9 +64,9 @@ path separators or ".." sequences.
Note that this approach is only suitable if the input is expected to be a single file name.
</p>
<p>
If the input can be a path with multiple components, we can make it safe by verifying
If the input can be a path with multiple components, you can make it safe by verifying
that the path is within a specific directory that is considered safe.
This can be done by resolving the input with respect to that directory, and then checking
You can do this by resolving the input with respect to that directory, and then checking
that the resulting path is still within it.
</p>
<sample src="TaintedPathGood2.go" />
Expand Down

0 comments on commit 034ed17

Please sign in to comment.