Nit: Fix qhelp and ql autoformat

Author: SpaceWhite

java/ql/src/experimental/CWE-643/XPathInjection.qhelp

@@ -15,24 +15,24 @@ If user input must be included in an XPath expression, pre-compile the query and
 references to include the user input.
 </p>
 <p>
-XPath injection can also be prevented by using XQuery
+XPath injection can also be prevented by using XQuery.
 </p>
 
 </recommendation>
 
 <example>
 <p>
-In the first, second, and third example, the code accepts a user and password specified by the user, and uses this
+In the first, second, and third example, the code accepts a name and password specified by the user, and uses this
 unvalidated and unsanitized value in an XPath expression. This is vulnerable to the user providing
 special characters or string sequences that change the meaning of the XPath expression to search
 for different values.
 </p>
 
 <p>
-In the forth example, the code utilizes setXPathVariableResolver which prevents XPath Injection
+In the fourth example, the code utilizes setXPathVariableResolver which prevents XPath Injection.
 </p>
 <p>
-The fifth example is dom4j xpath injection example
+The fifth example is a dom4j XPath injection example
 </p>
 <sample src="XPathInjection.java" />
 </example>

java/ql/src/experimental/CWE-643/XPathInjection.ql

@@ -27,21 +27,18 @@ class XPathInjectionConfiguration extends TaintTracking::Configuration {
 class XPathInjectionSink extends DataFlow::ExprNode {
   XPathInjectionSink() {
     exists(Method m, MethodAccess ma | ma.getMethod() = m |
-      (
-        m.getDeclaringType().hasQualifiedName("javax.xml.xpath", "XPath") and
-        (m.hasName("evaluate") or m.hasName("compile")) and
-        ma.getArgument(0) = this.getExpr()
-      ) or
-      (
-        m.getDeclaringType().hasQualifiedName("org.dom4j", "Node") and
-        (m.hasName("selectNodes") or m.hasName("selectSingleNode")) and
-        ma.getArgument(0) = this.getExpr()
-      )
+      m.getDeclaringType().hasQualifiedName("javax.xml.xpath", "XPath") and
+      (m.hasName("evaluate") or m.hasName("compile")) and
+      ma.getArgument(0) = this.getExpr()
+      or
+      m.getDeclaringType().hasQualifiedName("org.dom4j", "Node") and
+      (m.hasName("selectNodes") or m.hasName("selectSingleNode")) and
+      ma.getArgument(0) = this.getExpr()
     )
   }
 }
 
 from DataFlow::PathNode source, DataFlow::PathNode sink, XPathInjectionConfiguration c
 where c.hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "$@ flows to here and is used in an XPath expression.",
-  source.getNode(), "User-provided value"
+  source.getNode(), "User-provided value"