hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 02:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Whitelist variable name tokenImage

Browse Source
This commit is contained in:
Owen Mansel-Chan
2024-03-23 21:33:02 +00:00
parent 63a04c056a
commit 4832dc51ed
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
View File

@@ -12,7 +12,8 @@ class VariableWithSensitiveName extends Variable {
VariableWithSensitiveName() {
exists(string name | name = this.getName() |
name.regexpMatch(getCommonSensitiveInfoRegex()) and
not name.regexpMatch("(?i).*null.*")
not name.regexpMatch("(?i).*null.*") and
not name.matches("tokenImage") // appears in parser code generated by JavaCC
)
}
}