Rust: CallExpr -> Call.

Geoffrey White
2025-12-02 17:21:04 +00:00
parent c64f19f6eb
commit 3028e5dac0


@@ -107,9 +107,9 @@ module HardcodedCryptographicValue {
HeuristicSinks() { HeuristicSinks() {
// any argument going to a parameter whose name matches a credential name // any argument going to a parameter whose name matches a credential name
exists(CallExprBase fc, Function f, int argIndex, string argName | exists(Call c, Function f, int argIndex, string argName |
fc.getArg(argIndex) = this.asExpr() and c.getPositionalArgument(argIndex) = this.asExpr() and
fc.getStaticTarget() = f and c.getStaticTarget() = f and
f.getParam(argIndex).getPat().(IdentPat).getName().getText() = argName and f.getParam(argIndex).getPat().(IdentPat).getName().getText() = argName and
( (
argName = "password" and kind = "password" argName = "password" and kind = "password"
@@ -123,7 +123,7 @@ module HardcodedCryptographicValue {
// note: matching "key" results in too many false positives // note: matching "key" results in too many false positives
) and ) and
// don't duplicate modeled sinks // don't duplicate modeled sinks
not exists(ModelsAsDataSinks s | s.(Node::FlowSummaryNode).getSinkElement().getCall() = fc) not exists(ModelsAsDataSinks s | s.(Node::FlowSummaryNode).getSinkElement().getCall() = c)
) )
} }
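Review bot: The pairing of `c.getPositionalArgument(argIndex)` with `f.getParam(argIndex)` in `HeuristicSinks` depends on both sides numbering arguments without the receiver, and nothing in the hunk states or tests that. If `Call` also covers method calls and path-style calls to methods (not visible here), an off-by-one between the two indices would attach the `password` kind to the wrong argument or drop the sink, which for a hard-coded-credential query means missed findings. I would add a comment such as `// positional arguments and params are both indexed without the self/receiver` above the `exists`, plus a test case with a method call and a `Type::method(recv, password)` call to pin the alignment. The rest of the characteristic predicate's name alternatives sit between the two hunks and are not shown.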