hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Exclude certificates from being cinsidered sensitive data by cleartext-storage and cleartext-logging queries

Browse Source
This commit is contained in:
Joe Farebrother
2024-08-27 13:16:10 +01:00
parent 3a864d3de2
commit 1cb23e7e86
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
python/ql/lib/semmle/python/security/dataflow/CleartextLoggingCustomizations.qll
View File

@@ -41,7 +41,8 @@ module CleartextLogging {
*/
class SensitiveDataSourceAsSource extends Source, SensitiveDataSource {
SensitiveDataSourceAsSource() {
not SensitiveDataSource.super.getClassification() = SensitiveDataClassification::id()
not SensitiveDataSource.super.getClassification() =
[SensitiveDataClassification::id(), SensitiveDataClassification::certificate()]
}
override SensitiveDataClassification getClassification() {

3
python/ql/lib/semmle/python/security/dataflow/CleartextStorageCustomizations.qll
View File

@@ -40,7 +40,8 @@ module CleartextStorage {
*/
class SensitiveDataSourceAsSource extends Source, SensitiveDataSource {
SensitiveDataSourceAsSource() {
not SensitiveDataSource.super.getClassification() = SensitiveDataClassification::id()
not SensitiveDataSource.super.getClassification() =
[SensitiveDataClassification::id(), SensitiveDataClassification::certificate()]
}
override SensitiveDataClassification getClassification() {