From 1f4ae86a84eec3a44715958c4d18934985af99bc Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 2 Jul 2026 11:26:26 +0100 Subject: [PATCH] Apply suggestions from code review Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com> --- .../rust/security/HardcodedCryptographicValueExtensions.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll b/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll index a5e316dbfba..fe5a8b03841 100644 --- a/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll +++ b/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll @@ -72,9 +72,11 @@ module HardcodedCryptographicValue { isConstant(e.(ArrayRepeatExpr).getRepeatOperand()) // e.g. `[0; 10]` or // e.g. `const MY_CONST: u64 = ...` + // the constant initializer / body is the preferred source location for flow paths, when available. e = any(Const c).getBody() or // e.g. `u64::MAX` + // when the constant initializer is not available as a source location (case above), use the access instead. e instanceof ConstAccess and not exists(e.(ConstAccess).getConst().getBody()) or