hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactor UnsafeCertTrustQuery

Browse Source
This commit is contained in:
Ed Minnix
2023-03-20 07:35:20 -04:00
parent a040ff6997
commit ac8dec740a
3 changed files with 22 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
View File

@@ -18,7 +18,5 @@ import semmle.code.java.security.UnsafeCertTrustQuery
from Expr unsafeTrust
where
unsafeTrust instanceof RabbitMQEnableHostnameVerificationNotSet or
exists(SslEndpointIdentificationFlowConfig config |
config.hasFlowTo(DataFlow::exprNode(unsafeTrust))
)
SslEndpointIdentificationFlow::flowTo(DataFlow::exprNode(unsafeTrust))
select unsafeTrust, "Unsafe configuration of trusted certificates."