mirror of
https://github.com/github/codeql.git
synced 2026-07-01 01:25:33 +02:00
Java: Add missing $ Source annotations.
This commit is contained in:
@@ -30,5 +30,3 @@ nodes
|
||||
| BadMacUse.java:118:83:118:84 | iv : byte[] | semmle.label | iv : byte[] |
|
||||
| BadMacUse.java:124:42:124:51 | ciphertext | semmle.label | ciphertext |
|
||||
subpaths
|
||||
testFailures
|
||||
| BadMacUse.java:92:16:92:36 | doFinal(...) : byte[] | Unexpected result: Source |
|
||||
|
||||
@@ -89,7 +89,7 @@ class BadMacUse {
|
||||
|
||||
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
|
||||
cipher.init(mode, secretKeySpec, ivParameterSpec);
|
||||
return cipher.doFinal(bytes); // $ Source[java/quantum/examples/bad-mac-order-decrypt-then-mac]
|
||||
return cipher.doFinal(bytes); // $ Source[java/quantum/examples/bad-mac-order-decrypt-then-mac] Source[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -126,5 +126,3 @@ nodes
|
||||
| InsecureIVorNonceSource.java:202:54:202:55 | iv : byte[] | semmle.label | iv : byte[] |
|
||||
| InsecureIVorNonceSource.java:206:51:206:56 | ivSpec | semmle.label | ivSpec |
|
||||
subpaths
|
||||
testFailures
|
||||
| InsecureIVorNonceSource.java:42:21:42:21 | 1 : Number | Unexpected result: Source |
|
||||
|
||||
@@ -39,7 +39,7 @@ public class InsecureIVorNonceSource {
|
||||
public byte[] encryptWithStaticIvByteArray(byte[] key, byte[] plaintext) throws Exception {
|
||||
byte[] iv = new byte[16];
|
||||
for (byte i = 0; i < iv.length; i++) {
|
||||
iv[i] = 1;
|
||||
iv[i] = 1; // $ Source[java/quantum/examples/insecure-iv-or-nonce]
|
||||
}
|
||||
|
||||
IvParameterSpec ivSpec = new IvParameterSpec(iv);
|
||||
|
||||
Reference in New Issue
Block a user