semgrep java lang improvements

MobSF · Jul 16, 2022 · 50df486 · 50df486
1 parent f6b4e9f
commit 50df486
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/tests/assets/rules/semgrep/deserialization/object_deserialization.java b/tests/assets/rules/semgrep/deserialization/object_deserialization.java
@@ -16,8 +16,7 @@ public UserData deserializeObject(InputStream receivedFile) throws IOException,
     }
 
     public UserData deserializeObject(InputStream receivedFile) throws IOException, ClassNotFoundException {
-    // this pattern not yet working. See https://github.com/returntocorp/semgrep/issues/717
-    // This should have a To Do comment, but I want this rule available so I'm leaving it out for now.
+        // ruleid:object_deserialization
         try (ObjectInputStream in = new ObjectInputStream(receivedFile)) {
             return (UserData) in.readObject();
         } catch (IOException e) {