hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 20:58:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

Decouple InsecureBasicAuth.qll to reuse the taint tracking configuration

Browse Source
This commit is contained in:
Tony Torralba
2021-07-20 11:05:28 +02:00
parent 90df3fa94c
commit 30178d4f23
4 changed files with 27 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
java/ql/test/query-tests/security/CWE-522/InsecureBasicAuthTest.ql
View File

@@ -1,21 +1,7 @@
import java
import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.dataflow.FlowSources
import semmle.code.java.security.InsecureBasicAuth
import semmle.code.java.security.InsecureBasicAuthQuery
import TestUtilities.InlineExpectationsTest
class Conf extends TaintTracking::Configuration {
Conf() { this = "test:cwe:insecure-basic-auth" }
override predicate isSource(DataFlow::Node src) { src instanceof InsecureBasicAuthSource }
override predicate isSink(DataFlow::Node sink) { sink instanceof InsecureBasicAuthSink }
override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
any(InsecureBasicAuthAdditionalTaintStep c).step(node1, node2)
}
}
class HasInsecureBasicAuthTest extends InlineExpectationsTest {
HasInsecureBasicAuthTest() { this = "HasInsecureBasicAuthTest" }
@@ -23,7 +9,9 @@ class HasInsecureBasicAuthTest extends InlineExpectationsTest {
override predicate hasActualResult(Location location, string element, string tag, string value) {
tag = "hasInsecureBasicAuth" and
exists(DataFlow::Node src, DataFlow::Node sink, Conf conf | conf.hasFlow(src, sink) |
exists(DataFlow::Node src, DataFlow::Node sink, BasicAuthFlowConfig conf |
conf.hasFlow(src, sink)
|
sink.getLocation() = location and
element = sink.toString() and
value = ""