hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Singleton set literal fix

Browse Source 
Fixing auto-code scanning recommendation
This commit is contained in:
Raul Garcia
2023-03-21 08:02:30 -07:00
parent 1400b4b520
commit 8b4826c0b4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql
View File

@@ -25,7 +25,7 @@ predicate isUnsafeClientSideAzureStorageEncryptionViaAttributes(Call call, AttrN
|
s1 in ["key_encryption_key", "key_resolver_function"] and
s2 in ["ContainerClient", "BlobClient", "BlobServiceClient"] and
s3 in ["upload_blob"] and
s3 = "upload_blob" and
n = API::moduleImport("azure").getMember("storage").getMember("blob").getMember(s2).getAMember() and
startingNode = n.getACall().getReturn().getAValueReachableFromSource().asExpr().getAFlowNode() and
startingNode.strictlyReaches(ctrlFlowNode) and