hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup: disjunction -> set literal

Browse Source
This commit is contained in:
Chris Smowton
2020-07-08 15:47:35 +01:00
parent 75d69efb15
commit 08ec017e4c
1 changed files with 4 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
ql/src/experimental/CWE-327/InsecureTLS.ql
View File

@@ -90,19 +90,10 @@ class TlsInsecureCipherSuitesFlowConfig extends TaintTracking::Configuration {
predicate isSourceValueEntity(DataFlow::Node source, string suiteName) {
exists(DataFlow::ValueEntity val |
val.hasQualifiedName("crypto/tls", suiteName) and
(
suiteName = "TLS_RSA_WITH_RC4_128_SHA"
or
suiteName = "TLS_RSA_WITH_AES_128_CBC_SHA256"
or
suiteName = "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
or
suiteName = "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
or
suiteName = "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
or
suiteName = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
)
suiteName =
["TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"]
|
source = val.getARead()
)