hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 13:15:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add Insecure Randomness Query (CWE-338)

Browse Source
This commit is contained in:
Maiky
2023-10-21 17:23:41 +02:00
parent b46174f464
commit 35d390ad06
9 changed files with 232 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.expected Normal file
View File

@@ -0,0 +1,6 @@
edges
nodes
| InsecureRandomness.rb:6:42:6:57 | call to rand | semmle.label | call to rand |
subpaths
#select
| InsecureRandomness.rb:6:42:6:57 | call to rand | InsecureRandomness.rb:6:42:6:57 | call to rand | InsecureRandomness.rb:6:42:6:57 | call to rand | This uses a cryptographically insecure random number generated at $@ in a security context. | InsecureRandomness.rb:6:42:6:57 | call to rand | call to rand |