]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0f64d57)
codeql: taint basename()
authorLennart Poettering <lennart@poettering.net>
Fri, 6 Jun 2025 13:56:46 +0000 (15:56 +0200)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Fri, 6 Jun 2025 14:53:53 +0000 (23:53 +0900)
.github/codeql-queries/PotentiallyDangerousFunction.ql patch | blob | blame | history

diff --git a/.github/codeql-queries/PotentiallyDangerousFunction.ql b/.github/codeql-queries/PotentiallyDangerousFunction.ql
index d5a5635c356788e5cc05e36daa7a47f8bdab5055..40e2bbb6f9eff03ef30c83d4f4609d284d7d2cf6 100644 (file)
--- a/.github/codeql-queries/PotentiallyDangerousFunction.ql
+++ b/.github/codeql-queries/PotentiallyDangerousFunction.ql
@@ -49,6 +49,9 @@ predicate potentiallyDangerousFunction(Function f, string message) {
   ) or (
     f.getQualifiedName() = "dirname" and
     message = "Call dirname() is icky. Use path_extract_directory() instead."
+  ) or (
+    f.getQualifiedName() = "basename" and
+    message = "Call basename() is icky. Use path_extract_filename() instead."
   )
 }
 
Unnamed repository; edit this file 'description' to name the repository.