Update python/ql/src/Security/CWE-798/HardcodedCredentials.ql

Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
Mathew Payne
2024-07-01 14:29:00 +01:00
committed by GitHub
parent ed314b1799
commit 96048f962e


@@ -81,7 +81,10 @@ class HardcodedValueSource extends DataFlow::Node {
class CredentialSink extends DataFlow::Node {
CredentialSink() {
this = ModelOutput::getASinkNode("credentials-hardcoded").asSink()
exists(string s | s.matches("credentials-%") |
// Actual sink-type will be things like `credentials-password` or `credentials-username`
this = ModelOutput::getASinkNode(s).asSink()
)
or
exists(string name |
name.regexpMatch(getACredentialRegex()) and