hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-21 15:05:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Weak Hashing query wording

Browse Source
This commit is contained in:
Ed Minnix
2023-10-25 20:23:30 -04:00
parent 86b57a11ac
commit 0efca8200d
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/Security/CWE/CWE-328/WeakHashingProperty.ql
View File

@@ -1,5 +1,5 @@
/**
* @name Weak Hashing Property
* @name Weak hashing algorithm specified in properties file
* @description Using weak cryptographic algorithms can allow an attacker to compromise security.
* @id java/weak-hashing-property
* @kind path-problem
@@ -16,5 +16,5 @@ import InsecureAlgorithmPropertyFlow::PathGraph
from InsecureAlgorithmPropertyFlow::PathNode source, InsecureAlgorithmPropertyFlow::PathNode sink
where InsecureAlgorithmPropertyFlow::flowPath(source, sink)
select sink.getNode(), sink, source, "The $@ algorithm is insecure.", source,
select sink.getNode(), sink, source, "The $@ hashing algorithm is insecure.", source,
getWeakHashingAlgorithmName(source.getNode())