Apply suggestions from code review

Co-authored-by: Taus <tausbn@github.com>
2026-04-30 19:26:02 +02:00 · 2021-04-12 08:16:36 +02:00
parent 38daeb4df2
commit 02d6de81a7
2 changed files with 2 additions and 2 deletions
--- a/python/ql/src/Security/CWE-327/README.md
+++ b/python/ql/src/Security/CWE-327/README.md
@@ -12,7 +12,7 @@ This should be kept up to date; the world is moving fast and protocols are being

 - `ssl.wrap_socket` is creating insecure connections, use `SSLContext.wrap_socket` instead. [link](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket)
    > Deprecated since version 3.7: Since Python 3.2 and 2.7.9, it is recommended to use the `SSLContext.wrap_socket()` instead of `wrap_socket()`. The top-level function is limited and creates an insecure client socket without server name indication or hostname matching.
- Default consteructors are fine, a fluent api is used to constrain possible protocols later.
+- Default constructors are fine, a fluent API is used to constrain possible protocols later.

 ## Current recomendation

--- a/python/ql/src/Security/CWE-327/TlsLibraryModel.qll
+++ b/python/ql/src/Security/CWE-327/TlsLibraryModel.qll
@@ -116,7 +116,7 @@ abstract class TlsLibrary extends string {
  }

  /** The creation of a context with an unspecific protocol version, say TLS, known to have insecure instances. */
-  DataFlow::CfgNode unspecific_context_creation(ProtocolFamily family) {
+  ContextCreation unspecific_context_creation(ProtocolFamily family) {
    result = default_context_creation()
    or
    result = specific_context_creation() and