Rust: CallExpr -> Call.

Geoffrey White
2025-12-02 17:21:04 +00:00
parent c64f19f6eb
commit 3028e5dac0


@@ -107,9 +107,9 @@ module HardcodedCryptographicValue {
HeuristicSinks() {
// any argument going to a parameter whose name matches a credential name
exists(CallExprBase fc, Function f, int argIndex, string argName |
fc.getArg(argIndex) = this.asExpr() and
fc.getStaticTarget() = f and
exists(Call c, Function f, int argIndex, string argName |
c.getPositionalArgument(argIndex) = this.asExpr() and
c.getStaticTarget() = f and
f.getParam(argIndex).getPat().(IdentPat).getName().getText() = argName and
(
argName = "password" and kind = "password"
@@ -123,7 +123,7 @@ module HardcodedCryptographicValue {
// note: matching "key" results in too many false positives
) and
// don't duplicate modeled sinks
not exists(ModelsAsDataSinks s | s.(Node::FlowSummaryNode).getSinkElement().getCall() = fc)
not exists(ModelsAsDataSinks s | s.(Node::FlowSummaryNode).getSinkElement().getCall() = c)
)
}
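Review bot: The sink still pairs `c.getPositionalArgument(argIndex)` with `f.getParam(argIndex)` by raw index, and nothing visible in the hunk shows that the two lists stay aligned for every call form that `Call` covers after the move from `CallExprBase`. If `Call` also covers calls where the receiver is written as an explicit first argument (for example a path-style call to a method), an off-by-one would attach the `password`-style parameter name to the wrong argument, so a hard-coded credential is missed or the neighbouring argument is reported instead. I would add a comment such as `// argIndex must address the same slot in both lists; neither may count the receiver / self parameter` and a query test that passes a hard-coded literal through a path-style method call to pin the behaviour. The same `c` feeds the `getCall() = c` de-duplication in the second hunk, so any change in which calls `Call` covers affects both the heuristic and the models-as-data exclusion. The enclosing characteristic predicate and module continue outside the visible lines.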