hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add unit tests

Browse Source
This commit is contained in:
Joe Farebrother
2024-02-08 11:11:48 +00:00
parent d8985f9f5b
commit 2eb93b7a3b
12 changed files with 214 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
java/ql/lib/semmle/code/java/security/AndroidLocalAuthQuery.qll
View File

@@ -43,8 +43,8 @@ class AuthenticationSuccessCallback extends Method {
}
/** A call that sets a parameter for key generation that is insecure for use with biometric authentication. */
class InsecureBiometricKeyParam extends MethodCall {
InsecureBiometricKeyParam() {
class InsecureBiometricKeyParamCall extends MethodCall {
InsecureBiometricKeyParamCall() {
exists(string name, CompileTimeConstantExpr val |
this.getMethod()
.hasQualifiedName("android.security.keystore", "KeyGenParameterSpec$Builder", name) and
@@ -59,3 +59,6 @@ class InsecureBiometricKeyParam extends MethodCall {
)
}
}
/** Holds if the application contains an instance of a key being used for local biometric authentication. */
predicate usesLocalAuth() { exists(AuthenticationSuccessCallback cb | exists(cb.getAResultUse())) }