style:move all source files under src/experimental & feat:modify source regular matching rules

liangjinhuang
2022-02-02 01:14:51 +08:00
parent 1885b683f7
commit 976e484c57
3 changed files with 3 additions and 3 deletions


@@ -13,11 +13,11 @@
*/
import python
import semmle.python.security.dataflow.InsecureRandomness::InsecureRandomness
import experimental.semmle.python.security.InsecureRandomness::InsecureRandomness
import semmle.python.dataflow.new.DataFlow
import DataFlow::PathGraph
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Cryptographically insecure $@ in a security context.",
source.getNode(), "random value"
source.getNode(), "random value"


@@ -58,7 +58,7 @@ module InsecureRandomness {
class RandomFnSink extends Sink {
RandomFnSink() {
exists(DataFlowCallable randomFn |
randomFn.getName().regexpMatch("(?i).*(gen(erate)?|make|mk|create).*(nonce|salt|pepper).*")
randomFn.getName().regexpMatch("(?i).*(gen(erate)?|make|mk|create).*(nonce|salt|pepper|Password).*")
|
this.getEnclosingCallable() = randomFn
)
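Review bot: Adding a password alternative to the name pattern in `RandomFnSink` widens the sink set much more than `nonce|salt|pepper` did, because the `.*` between the verb group and the noun group lets any enclosing callable whose name merely mentions a password after a verb match (constructed examples: `create_user_with_password`, `make_password_hash`). Every insecure random value inside such a callable would then be reported, even when it is unrelated to the password, so the change should come with test cases for both a real password generator and a non-generating callable. The capital in `Password` is also redundant under `(?i)` and inconsistent with the other alternatives; I would write the line as `randomFn.getName().regexpMatch("(?i).*(gen(erate)?|make|mk|create).*(nonce|salt|pepper|password).*")`. The class's QLDoc and closing braces are outside this hunk; if the doc comment lists the matched names, it should mention passwords too.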