update rb/code-injection to match python

erik-krogh · erik-krogh · commit 778879908ed8 · 2022-08-22T21:41:46.000+02:00
diff --git a/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql b/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql
@@ -22,5 +22,5 @@ from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink, S
 where
   config.hasFlowPath(source, sink) and
   sourceNode = source.getNode()
-select sink.getNode(), source, sink, "This code execution depends on $@.", sourceNode,
-  "a user-provided value"
+select sink.getNode(), source, sink, "$@ flows to here and is interpreted as code.",
+  source.getNode(), "User-provided value"
