hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Crypto: optimizing out the "getPossibleNidFromLiteral" predicate, and now relying on the charpred of OpenSSLAlgorithmCandidateLiteral.

Browse Source
This commit is contained in:
REDMOND\brodes
2025-05-21 18:25:29 -04:00
parent a36fd2cb31
commit 100045d4cb
1 changed files with 1 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll
View File

@@ -105,9 +105,7 @@ predicate resolveAlgorithmFromCall(Call c, string normalized, string algType) {
predicate resolveAlgorithmFromLiteral(
OpenSSLAlgorithmCandidateLiteral e, string normalized, string algType
) {
exists(int nid |
nid = getPossibleNidFromLiteral(e) and knownOpenSSLAlgorithmLiteral(_, nid, normalized, algType)
)
knownOpenSSLAlgorithmLiteral(_, e.getValue().toInt(), normalized, algType)
or
exists(string name |
name = resolveAlgorithmAlias(e.getValue()) and
@@ -126,17 +124,6 @@ string resolveAlgorithmAlias(string name) {
)
}
/**
* Determines if an int literal (NID) is a candidate for being an algorithm literal.
* Checks for common cases where literals are used that would not be indicative of an algorithm.
* Returns the int literal value if the literal is a candidate for an algorithm.
*/
private int getPossibleNidFromLiteral(OpenSSLAlgorithmCandidateLiteral e) {
result = e.getValue().toInt() and
not e instanceof CharLiteral and
not e instanceof StringLiteral
}
string getAlgorithmAlias(string alias) {
customAliases(result, alias)
or