Add more test cases

2026-04-22 15:25:18 +02:00 · 2023-12-20 22:28:23 -05:00
parent 7f9dff2dc7
commit 6455e1893d
1 changed files with 9 additions and 0 deletions
--- a/java/ql/test/query-tests/security/CWE-327/semmle/tests/WeakHashing.java
+++ b/java/ql/test/query-tests/security/CWE-327/semmle/tests/WeakHashing.java
@@ -14,7 +14,16 @@ public class WeakHashing {
        // BAD: Using a weak hashing algorithm
        MessageDigest bad = MessageDigest.getInstance(props.getProperty("hashAlg1"));

+        // BAD: Using a weak hashing algorithm even with a secure default
+        MessageDigest bad2 = MessageDigest.getInstance(props.getProperty("hashAlg1", "SHA-256"));
+        
        // GOOD: Using a strong hashing algorithm
        MessageDigest ok = MessageDigest.getInstance(props.getProperty("hashAlg2"));
+
+        // OK: Using a strong hashing algorithm even with a weak default
+        MessageDigest ok2 = MessageDigest.getInstance(props.getProperty("hashAlg2", "MD5"));
+
+        // OK: Property does not exist and default is secure
+        MessageDigest ok3 = MessageDigest.getInstance(props.getProperty("hashAlg3", "SHA-256"));
    }
 }