lib/brakeman/checks/check_unsafe_reflection.rb in brakeman-min-5.2.1 vs lib/brakeman/checks/check_unsafe_reflection.rb in brakeman-min-5.2.2

@@ -18,11 +18,11 @@
   end
 
   def check_unsafe_reflection result
     return unless original? result
 
-    call = result[:call] 
+    call = result[:call]
     method = call.method
 
     case method
     when :constantize, :safe_constantize
       arg = call.target
@@ -35,10 +35,15 @@
     elsif input = include_user_input?(arg)
       confidence = :medium
     end
 
     if confidence
-      message = msg("Unsafe reflection method ", msg_code(method), " called with ", msg_input(input))
+      case method
+      when :constantize, :safe_constantize
+        message = msg("Unsafe reflection method ", msg_code(method), " called on ", msg_input(input))
+      else
+        message = msg("Unsafe reflection method ", msg_code(method), " called with ", msg_input(input))
+      end
 
       warn :result => result,
         :warning_type => "Remote Code Execution",
         :warning_code => :unsafe_constantize,
         :message => message,