hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 14:23:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move insecure randomness query to cwe-338

Browse Source 
Also give it a precision
This commit is contained in:
Sauyon Lee
2021-01-28 15:53:03 +00:00
parent 82bd293e5c
commit 73dc135480
14 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
ql/src/Security/CWE-327/InsecureRandomness.go → ql/src/Security/CWE-338/InsecureRandomness.go
View File

0
ql/src/Security/CWE-327/InsecureRandomness.qhelp → ql/src/Security/CWE-338/InsecureRandomness.qhelp
View File

3
ql/src/Security/CWE-327/InsecureRandomness.ql → ql/src/Security/CWE-338/InsecureRandomness.ql
View File

@@ -3,9 +3,10 @@
* @description Using insufficient randomness as the key of a cryptographic algorithm can allow an attacker to compromise security.
* @kind path-problem
* @problem.severity error
* @precision high
* @id go/insecure-randomness
* @tags security
* external/cwe/cwe-327
* external/cwe/cwe-338
*/
import go

0
ql/src/Security/CWE-327/InsecureRandomnessGood.go → ql/src/Security/CWE-338/InsecureRandomnessGood.go
View File

2
ql/test/query-tests/Security/CWE-327/InsecureRandomness/Crypto.go → ql/test/query-tests/Security/CWE-327/Crypto.go
View File

@@ -9,7 +9,7 @@ import (
"crypto/sha256"
)
func main() {
func crypto() {
public := []byte("hello")
password := []byte("123456")

1
ql/test/query-tests/Security/CWE-327/InsecureRandomness/InsecureRandomness.qlref
View File

@@ -1 +0,0 @@
Security/CWE-327/InsecureRandomness.ql

0
ql/test/query-tests/Security/CWE-327/InsecureRandomness/WeakCryptoAlgorithm.expected → ql/test/query-tests/Security/CWE-327/WeakCryptoAlgorithm.expected
View File

0
ql/test/query-tests/Security/CWE-327/InsecureRandomness/WeakCryptoAlgorithm.qlref → ql/test/query-tests/Security/CWE-327/WeakCryptoAlgorithm.qlref
View File

0
ql/test/query-tests/Security/CWE-327/InsecureRandomness/InsecureRandomness.expected → ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected
View File

0
ql/test/query-tests/Security/CWE-327/InsecureRandomness/InsecureRandomness.go → ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.go
View File

1
ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.qlref Normal file
View File

@@ -0,0 +1 @@
Security/CWE-338/InsecureRandomness.ql

0
ql/test/query-tests/Security/CWE-327/InsecureRandomness/InsecureRandomnessGood.go → ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomnessGood.go
View File

0
ql/test/query-tests/Security/CWE-327/InsecureRandomness/go.mod → ql/test/query-tests/Security/CWE-338/InsecureRandomness/go.mod
View File

0
ql/test/query-tests/Security/CWE-327/InsecureRandomness/sample.go → ql/test/query-tests/Security/CWE-338/InsecureRandomness/sample.go
View File