Skip to content

Commit 6d4f1eb

Browse files
committed
C#: Consider datetime expressions as simple sanitizers.
1 parent 7c74cc6 commit 6d4f1eb

File tree

1 file changed

+6
-1
lines changed

1 file changed

+6
-1
lines changed

csharp/ql/lib/semmle/code/csharp/security/Sanitizers.qll

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,12 @@ class UrlSanitizedExpr extends Expr {
5454
* An expression node with a simple type.
5555
*/
5656
class SimpleTypeSanitizedExpr extends DataFlow::ExprNode {
57-
SimpleTypeSanitizedExpr() { this.getType() instanceof SimpleType }
57+
SimpleTypeSanitizedExpr() {
58+
exists(Type t | t = this.getType() |
59+
t instanceof SimpleType or
60+
t instanceof SystemDateTimeStruct
61+
)
62+
}
5863
}
5964

6065
/**

0 commit comments

Comments
 (0)