Adjusted sources and sanitizer of UnsafeCertTrust taint tracking config

2025-12-24 04:36:35 +01:00 · 2021-06-22 17:53:15 +02:00
parent e43fff2d30
commit 5d4cd70f8c
6 changed files with 463 additions and 25 deletions
--- a/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
+++ b/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
@@ -23,7 +23,7 @@ class SslEndpointIdentificationFlowConfig extends TaintTracking::Configuration {
  override predicate isSink(DataFlow::Node sink) { sink instanceof SslConnectionCreation }

  override predicate isSanitizer(DataFlow::Node sanitizer) {
-    sanitizer instanceof SslConnectionWithSafeSslParameters
+    sanitizer instanceof SslUnsafeCertTrustSanitizer
  }
 }