hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 12:41:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Fix typos.

Browse Source
This commit is contained in:
intrigus
2021-04-20 23:04:06 +02:00
parent 149c4491ce
commit 3acec94773
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/experimental/Security/CWE/CWE-347/MissingJWTSignatureCheck.ql
View File

@@ -70,8 +70,8 @@ private class JwtHandlerAdapterOnJwtMethods extends Method {
/**
* Holds if `parseHandlerExpr` is an insecure `JwtHandler`.
* That is, it overrides a method from `JwtHandlerOnJwtMethods` and the overriden method is not a method from `JwtHandlerAdapterOnJwtMethods`.
* A overriden method which is a method from `JwtHandlerAdapterOnJwtMethods` is safe, because these always throw an exception.
* That is, it overrides a method from `JwtHandlerOnJwtMethods` and the overridden method is not a method from `JwtHandlerAdapterOnJwtMethods`.
* A overridden method which is a method from `JwtHandlerAdapterOnJwtMethods` is safe, because these always throw an exception.
*/
private predicate isInsecureParseHandler(Expr parseHandlerExpr) {
exists(RefType t |
@@ -155,7 +155,7 @@ private class SigningToExprDataFlow extends DataFlow::Configuration {
}
}
/** An access to the `setSigningKey` or `setSigningKeyResolver` method (or an overriden method) defined in `JwtParser` and `JwtParserBuilder`. */
/** An access to the `setSigningKey` or `setSigningKeyResolver` method (or an overridden method) defined in `JwtParser` and `JwtParserBuilder`. */
private class SigningKeyMethodAccess extends MethodAccess {
SigningKeyMethodAccess() {
exists(Method m |