Update python/ql/src/Security/CWE-798/HardcodedCredentials.ql
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
@@ -81,7 +81,10 @@ class HardcodedValueSource extends DataFlow::Node {
|
||||
|
||||
class CredentialSink extends DataFlow::Node {
|
||||
CredentialSink() {
|
||||
this = ModelOutput::getASinkNode("credentials-hardcoded").asSink()
|
||||
exists(string s | s.matches("credentials-%") |
|
||||
// Actual sink-type will be things like `credentials-password` or `credentials-username`
|
||||
this = ModelOutput::getASinkNode(s).asSink()
|
||||
)
|
||||
or
|
||||
exists(string name |
|
||||
name.regexpMatch(getACredentialRegex()) and
|
||||
|
||||
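Review bot: The new `s.matches("credentials-%")` in the `CredentialSink()` characteristic predicate is an open-ended prefix match, so every modelled sink kind starting with `credentials-` becomes a hard-coded-credential sink, including any kind added to the models later. The inline comment gives two examples but does not say the wildcard is deliberate. I would extend it to something like `// Deliberately matches every "credentials-*" sink kind (e.g. credentials-password, credentials-username); new kinds with this prefix are picked up automatically`. If username-type sinks turn out to be noisy for this query, an explicit set such as `s in ["credentials-password", ...]` would make the covered kinds reviewable. The query's tests should also confirm that at least one concrete `credentials-*` kind still produces an alert, since the former literal `"credentials-hardcoded"` is now reached only through the pattern. The predicate body continues past the end of the hunk, so the second `exists` disjunct is not reviewed here.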