hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

change PasswordFnSink to RandomFnSink

Browse Source
This commit is contained in:
liangjinhuang
2021-12-11 12:31:20 +08:00
parent 1102f60f3e
commit 77b5f422ba
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
python/ql/lib/semmle/python/security/dataflow/InsecureRandomnessCustomizations.qll
View File

@@ -55,14 +55,14 @@ module InsecureRandomness {
}
/**
* A use in a function that heuristically deals with passwords.
* A use in a function that heuristically deals with unsafe random numbers or random strings.
*/
class PasswordFnSink extends Sink {
PasswordFnSink() {
exists(DataFlowCallable passwordFn |
passwordFn.getName().regexpMatch("(?i).*(gen(erate)?|salt|make|mk)Password.*")
class RandomFnSink extends Sink {
RandomFnSink() {
exists(DataFlowCallable randomFn |
randomFn.getName().regexpMatch("(?i).*(gen(erate)?|salt|make|mk).*")
|
this.getEnclosingCallable() = passwordFn
this.getEnclosingCallable() = randomFn
)
}
}