Apply suggestions from code review

Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
This commit is contained in:
Owen Mansel-Chan
2026-07-08 13:02:20 +01:00
committed by GitHub
parent b6d588c1a8
commit 85d800f317
4 changed files with 7 additions and 7 deletions

View File

@@ -6,12 +6,12 @@ class FalsePositiveCases
// regular FVN
ulong GetRegularFvnHash(string s)
{
ulong num = 14695981039346656037UL; /* FNV base offset */ // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold]
ulong num = 14695981039346656037UL; /* FNV base offset */ // $ SPURIOUS: Alert[cs/solorigate/number-of-known-hashes-above-threshold]
foreach (byte b in Encoding.UTF8.GetBytes(s))
{
num ^= (ulong)b;
num *= 1099511628211UL; /* FNV prime */ // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold]
num *= 1099511628211UL; /* FNV prime */ // $ SPURIOUS: Alert[cs/solorigate/number-of-known-hashes-above-threshold]
}
return num;

View File

@@ -98,8 +98,8 @@ namespace JsonWebTokenHandlerTest
SaveSigninToken = true
};
tokenValidationParamsBaseline.LifetimeValidator = (notBefore, expires, securityToken, validationParameters) => ValidateLifetimeAlwaysTrue(securityToken, validationParameters); // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG delegated-security-validations-always-return-true
tokenValidationParamsBaseline.AudienceValidator = (IEnumerable<string> audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => true; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG delegated-security-validations-always-return-true
tokenValidationParamsBaseline.LifetimeValidator = (notBefore, expires, securityToken, validationParameters) => ValidateLifetimeAlwaysTrue(securityToken, validationParameters); // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true]
tokenValidationParamsBaseline.AudienceValidator = (IEnumerable<string> audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => true; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true]
tokenValidationParamsBaseline.TokenReplayValidator = (DateTime? expirationTime, string securityToken, TokenValidationParameters validationParameters) => // GOOD
{
if (securityToken is null)

View File

@@ -9,7 +9,7 @@ class Test
var bad1 = (int)1; // $ Alert
var bad2 = (Test)this; // $ Alert
var bad3 = this as Test; // $ Alert
func = (Func<int, int?>)(x => x); // MISSING
func = (Func<int, int?>)(x => x); // $ MISSING: Alert
exprFunc = (Expression<Func<int, int?>>)(x => x); // $ Alert
// GOOD
@@ -22,7 +22,7 @@ class Test
var good7 = (Action<int>)((int x) => { });
func = x => x;
exprFunc = x => x;
exprFuncUntyped = (Expression<Func<int, int?>>)(x => x); // $ Alert // FP
exprFuncUntyped = (Expression<Func<int, int?>>)(x => x); // $ SPURIOUS: Alert
}
enum Enum

View File

@@ -24,7 +24,7 @@ public class ConditionalBypassHandler : IHttpHandler
// FALSE POSITIVES: both methods are conditionally executed, but they probably
// both perform the security-critical action
if (adminCookie.Value == "false") // $ Alert=r3 Alert=r4 Alert=r2
if (adminCookie.Value == "false") // $ SPURIOUS: Alert=r3 Alert=r4 Alert=r2
{
login(user, password);
}