style:formatDocument

2026-04-27 09:45:15 +02:00 · 2022-02-02 00:21:26 +08:00
parent af2e8ff8c6
commit 1885b683f7
3 changed files with 13 additions and 17 deletions
--- a/python/ql/lib/semmle/python/security/dataflow/InsecureRandomness.qll
+++ b/python/ql/lib/semmle/python/security/dataflow/InsecureRandomness.qll
@@ -16,7 +16,7 @@ import semmle.python.dataflow.new.TaintTracking
 */
 module InsecureRandomness {
  import InsecureRandomnessCustomizations::InsecureRandomness
-  
+
  /**
   * A taint-tracking configuration for reasoning about random values that are
   * not cryptographically secure.
@@ -29,9 +29,9 @@ module InsecureRandomness {
    override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }

    override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-    
+
    override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
      guard instanceof SanitizerGuard
    }
  }
-}
+}
--- a/python/ql/lib/semmle/python/security/dataflow/InsecureRandomnessCustomizations.qll
+++ b/python/ql/lib/semmle/python/security/dataflow/InsecureRandomnessCustomizations.qll
@@ -38,22 +38,20 @@ module InsecureRandomness {
   * A random source that is not sufficient for security use. So far this is only made up
   * of the math package's rand function, more insufficient random sources can be added here.
   */
-  class InsecureRandomSource extends Source { 
-    InsecureRandomSource() { 
+  class InsecureRandomSource extends Source {
+    InsecureRandomSource() {
      this =
        API::moduleImport("random")
            .getMember([
-                "betavariate", "choice", "choices", "expovariate",
-                "gammavariate", "gauss", "getrandbits", "getstate",
-                "lognormvariate", "normalvariate", "paretovariate",
-                "randbytes", "randint", "random", "randrange",
-                "sample", "seed", "setstate", "shuffle",
-                "triangular", "uniform", "vonmisesvariate", "weibullvariate"
+                "betavariate", "choice", "choices", "expovariate", "gammavariate", "gauss",
+                "getrandbits", "getstate", "lognormvariate", "normalvariate", "paretovariate",
+                "randbytes", "randint", "random", "randrange", "sample", "seed", "setstate",
+                "shuffle", "triangular", "uniform", "vonmisesvariate", "weibullvariate"
              ])
            .getACall()
    }
  }
-  
+
  /**
   * A use in a function that heuristically deals with unsafe random numbers or random strings.
   */
@@ -73,9 +71,7 @@ module InsecureRandomness {
   */
  class CryptoKeySink extends Sink {
    CryptoKeySink() {
-      exists(Cryptography::CryptographicOperation operation |
-        this = operation.getAnInput()
-      )
+      exists(Cryptography::CryptographicOperation operation | this = operation.getAnInput())
    }
  }
-}
+}