QLDocs

java/ql/lib/semmle/code/java/security/MaybeBrokenCryptoAlgorithmQuery.qll

@@ -50,6 +50,12 @@ private class GetPropertyMethodCall extends MethodCall {
   }
 }
 
+/**
+ * Get the string value represented by the given expression.
+ *
+ * If the value is a string literal, return the literal value.
+ * If the value is a call to `java.util.Properties::getProperty`, return the potential values of the property.
+ */
 string insecureAlgorithmName(DataFlow::Node algo) {
   result = algo.asExpr().(StringLiteral).getValue()
   or