hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 07:15:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Chris Smowton <smowton@github.com>
This commit is contained in:
Owen Mansel-Chan
2024-03-24 20:11:15 +00:00
committed by Owen Mansel-Chan
parent 821f399193
commit ac6c4add14
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
View File

@@ -13,7 +13,7 @@ class VariableWithSensitiveName extends Variable {
exists(string name | name = this.getName() |
name.regexpMatch(getCommonSensitiveInfoRegex()) and
not name.regexpMatch("(?i).*null.*") and
not name.matches("tokenImage") // appears in parser code generated by JavaCC
name != "tokenImage" // appears in parser code generated by JavaCC
)
}
}

2
java/ql/src/change-notes/2024-03-24-sensitive-log-whitelist-tokenimage.md
View File

@@ -1,4 +1,4 @@
---
category: minorAnalysis
---
* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a larger number of false positive alerts.
* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a large number of false positive alerts.