From ac6c4add1480fc0ec35d2bf49231f1996226b604 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
Date: Sun, 24 Mar 2024 20:11:15 +0000
Subject: [PATCH] Apply suggestions from code review

Co-authored-by: Chris Smowton
---
 java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll | 2 +-
 .../2024-03-24-sensitive-log-whitelist-tokenimage.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
index 70ef0b39405..d46d35ab0cc 100644
--- a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
@@ -13,7 +13,7 @@ class VariableWithSensitiveName extends Variable {
     exists(string name | name = this.getName() |
       name.regexpMatch(getCommonSensitiveInfoRegex()) and
       not name.regexpMatch("(?i).*null.*") and
-      not name.matches("tokenImage") // appears in parser code generated by JavaCC
+      name != "tokenImage" // appears in parser code generated by JavaCC
     )
   }
 }

diff --git a/java/ql/src/change-notes/2024-03-24-sensitive-log-whitelist-tokenimage.md b/java/ql/src/change-notes/2024-03-24-sensitive-log-whitelist-tokenimage.md
index d62c2dfbb47..017e5abd7ee 100644
--- a/java/ql/src/change-notes/2024-03-24-sensitive-log-whitelist-tokenimage.md
+++ b/java/ql/src/change-notes/2024-03-24-sensitive-log-whitelist-tokenimage.md
@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a larger number of false positive alerts.
+* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a large number of false positive alerts.
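Review bot: The `name != "tokenImage"` exclusion on the added line in the SensitiveLoggingQuery.qll hunk is a global, name-only allowlist: a hand-written variable that happens to be called `tokenImage` in a file JavaCC never generated is also dropped as a sensitive-log source, and nothing in the visible predicate ties the exception to generated parser code. If that trade-off is intended, the trailing comment should state it, e.g. `// tokenImage is used by JavaCC-generated parser code; excluded by exact name everywhere, so a hand-written variable of that name is never a source`; otherwise consider scoping the exclusion to the generated files (presumably they carry a recognizable generator header or a distinct compilation unit — worth confirming) rather than by name alone. The switch from `matches` to `!=` looks behavior-neutral, since the literal contains no `%`/`_` wildcard characters that `matches` would have interpreted, and it reads more clearly. The enclosing characteristic predicate opens outside the hunk.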