hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 08:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactor: use concat instead of hand-written version

Browse Source 
This changes the order of the algorithms in the regex, but I don't think
that makes any difference.
This commit is contained in:
Owen Mansel-Chan
2024-11-29 11:50:57 +00:00
parent e6409e159f
commit 09240e46f2
1 changed files with 1 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
java/ql/lib/semmle/code/java/security/Encryption.qll
View File

@@ -235,22 +235,12 @@ string getAnInsecureHashAlgorithmName() {
result = "MD5"
}
private string rankedInsecureAlgorithm(int i) {
result = rank[i](string name | insecureAlgorithm(name, _))
}
private string insecureAlgorithmString(int i) {
i = 1 and result = rankedInsecureAlgorithm(i)
or
result = rankedInsecureAlgorithm(i) + "|" + insecureAlgorithmString(i - 1)
}
/**
* Gets the regular expression used for matching strings that look like they
* contain an algorithm that is known to be insecure.
*/
string getInsecureAlgorithmRegex() {
result = algorithmRegex(insecureAlgorithmString(max(int i | exists(rankedInsecureAlgorithm(i)))))
result = algorithmRegex(concat(string name | insecureAlgorithm(name, _) | name, "|"))
}
/** Gets the reason why `input` is an insecure algorithm, if any. */