hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

[DIFF-INFORMED] Java: InsecureLdapAuth

Browse Source 
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/java/ql/src/Security/CWE/CWE-522/InsecureLdapAuth.ql#L21
This commit is contained in:
Nora Dimitrijević
2025-07-16 15:31:55 +02:00
parent 74b37e71a0
commit 2d734056b1
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
java/ql/lib/semmle/code/java/security/InsecureLdapAuthQuery.qll
View File

@@ -40,6 +40,10 @@ private module BasicAuthConfig implements DataFlow::ConfigSig {
}
predicate isSink(DataFlow::Node sink) { sink instanceof InsecureLdapUrlSink }
predicate observeDiffInformedIncrementalMode() {
none() // used as secondary flow to InsecureLdapUrlFlow in InsecureLdapAuth.ql
}
}
module BasicAuthFlow = DataFlow::Global<BasicAuthConfig>;
@@ -56,6 +60,10 @@ private module RequiresSslConfig implements DataFlow::ConfigSig {
}
predicate isSink(DataFlow::Node sink) { sink instanceof InsecureLdapUrlSink }
predicate observeDiffInformedIncrementalMode() {
none() // only used negatively in InsecureLdapAuth.ql
}
}
module RequiresSslFlow = DataFlow::Global<RequiresSslConfig>;