From adbc1efe59d3df5adb018897311fd839c8529e84 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Mon, 3 Nov 2025 17:20:19 +0000 Subject: [PATCH] Fix diff-informed predicates --- go/ql/lib/semmle/go/frameworks/CryptoLibraries.qll | 4 ---- go/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql | 4 ++++ 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go/ql/lib/semmle/go/frameworks/CryptoLibraries.qll b/go/ql/lib/semmle/go/frameworks/CryptoLibraries.qll index 6fe299c39ed..154ac82e7a2 100644 --- a/go/ql/lib/semmle/go/frameworks/CryptoLibraries.qll +++ b/go/ql/lib/semmle/go/frameworks/CryptoLibraries.qll @@ -21,8 +21,6 @@ private module HashConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source instanceof HashAlgorithmInit } predicate isSink(DataFlow::Node sink) { any() } - - predicate observeDiffInformedIncrementalMode() { any() } } /** Tracks the flow of hash algorithms. */ @@ -50,8 +48,6 @@ private module EncryptionConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { any(BlockModeInit nbcm).step(node1, node2) } - - predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/go/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql b/go/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql index bd46bd50a83..0a38d9729f0 100644 --- a/go/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql +++ b/go/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql @@ -39,6 +39,8 @@ module NormalHashFunctionFlow { // make sinks barriers so that we only report the closest instance isSink(node) } + + predicate observeDiffInformedIncrementalMode() { any() } } import TaintTracking::Global @@ -70,6 +72,8 @@ module ComputationallyExpensiveHashFunctionFlow { // make sinks barriers so that we only report the closest instance isSink(node) } + + predicate observeDiffInformedIncrementalMode() { any() } } import TaintTracking::Global