From 8d588a10a9fb475495d3902dd223743e8585de4b Mon Sep 17 00:00:00 2001
From: Arne Welzel <arne.welzel@corelight.com>
Date: Wed, 21 May 2025 11:48:58 +0200
Subject: [PATCH] http/detect-sql-injection: Fix zeekygen comment

    Discarded extraneous Zeekygen comment: $src field; and always provides a victim IP address in the $dst field.
---
 scripts/policy/protocols/http/detect-sql-injection.zeek | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/scripts/policy/protocols/http/detect-sql-injection.zeek b/scripts/policy/protocols/http/detect-sql-injection.zeek
index cb3ce31074..0c2e64311f 100644
--- a/scripts/policy/protocols/http/detect-sql-injection.zeek
+++ b/scripts/policy/protocols/http/detect-sql-injection.zeek
@@ -1,8 +1,8 @@
 ##! SQL injection attack detection in HTTP.
-
-## The script annotates the notices it generates with an associated $uid
-## connection identifier; always provides an attacker IP address in the
-## $src field; and always provides a victim IP address in the $dst field.
+##!
+##! The script annotates the notices it generates with an associated $uid
+##! connection identifier; always provides an attacker IP address in the
+##! $src field; and always provides a victim IP address in the $dst field.
 
 @load base/frameworks/notice
 @load base/frameworks/sumstats