hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove initialization vectors from SensitiveApi

Browse Source
This commit is contained in:
Ed Minnix
2023-10-12 14:51:42 -04:00
parent c689065f83
commit a28f19c857
2 changed files with 1 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
java/ql/lib/semmle/code/java/security/SensitiveApi.qll
View File

@@ -32,13 +32,6 @@ class CryptoKeySink extends CredentialsSinkNode {
CryptoKeySink() { sinkNode(this, "credentials-key") }
}
/**
* A node representing a cryptographic initialization vector being passed to a method.
*/
class InitializationVectorSink extends DataFlow::Node {
InitializationVectorSink() { sinkNode(this, "encryption-iv") }
}
/**
* DEPRECATED: Use the `PasswordSink` class instead.
* Holds if callable `c` from a standard Java API expects a password parameter at index `i`.
@@ -73,8 +66,4 @@ deprecated predicate javaApiCallableCryptoKeyParam(Callable c, int i) {
* DEPRECATED: Use the `CredentialsSinkNode` class instead.
* Holds if callable `c` from a known API expects a credential parameter at index `i`.
*/
deprecated predicate otherApiCallableCredentialParam(Callable c, int i) {
exists(InitializationVectorSink sink, MethodAccess ma |
sink.asExpr() = ma.getArgument(i) and c = ma.getCallee()
)
}
deprecated predicate otherApiCallableCredentialParam(Callable c, int i) { none() }