hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 14:04:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Swift: Address false positives.

Browse Source
This commit is contained in:
Geoffrey White
2023-12-15 13:11:43 +00:00
parent 326242a1fb
commit 034daa9b35
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
swift/ql/lib/codeql/swift/security/WeakPasswordHashingExtensions.qll
View File

@@ -111,3 +111,18 @@ private class DefaultWeakPasswordHashingSink extends WeakPasswordHashingSink {
override string getAlgorithm() { result = algorithm }
}
/**
* A barrier for weak password hashing, when it occurs inside of
* certain cryptographic algorithms as part of their design.
*/
class WeakPasswordHashingImplementationBarrier extends WeakPasswordHashingBarrier {
WeakPasswordHashingImplementationBarrier() {
this.asParameter()
.getDeclaringFunction()
.(Function)
.getDeclaringDecl*()
.(NominalTypeDecl)
.getName() = ["HMAC", "PBKDF1", "PBKDF2"]
}
}