hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Consider setStartTLSRequired for Apache SimpleEmail

Browse Source
This commit is contained in:
Tony Torralba
2021-06-30 12:22:48 +02:00
parent baffb0ed89
commit 2d1278ece5
3 changed files with 63 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/semmle/code/java/security/Mail.qll
View File

@@ -33,7 +33,7 @@ predicate isInsecureMailPropertyConfig(VarAccess propertiesVarAccess) {
* Holds if `ma` enables TLS/SSL with Apache Email.
*/
predicate enablesEmailSsl(MethodAccess ma) {
ma.getMethod().hasName("setSSLOnConnect") and
ma.getMethod().hasName(["setSSLOnConnect", "setStartTLSRequired"]) and
ma.getMethod().getDeclaringType() instanceof ApacheEmail and
ma.getArgument(0).(BooleanLiteral).getBooleanValue() = true
}