hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Remove redundant condition + docs.

Browse Source
This commit is contained in:
intrigus
2021-04-23 22:06:04 +02:00
parent 98dcd4e52b
commit b1a3633495
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/experimental/Security/CWE/CWE-347/MissingJWTSignatureCheck.ql
View File

@@ -124,7 +124,7 @@ private predicate isSigningKeySetter(Expr expr, MethodAccess signingMa) {
}
/**
* An expr that is a `JwtParser` for which a signing key has been set and which is used as
* An expr that is a (sub-type of) `JwtParser` for which a signing key has been set and which is used as
* the qualifier to a `JwtParserInsecureParseMethodAccess`.
*/
private class JwtParserWithSigningKeyExpr extends Expr {
@@ -140,8 +140,7 @@ private class JwtParserWithSigningKeyExpr extends Expr {
}
/**
* Models flow from `SigningKeyMethodAccess`es to expressions that are a
* (sub-type of) `JwtParser` and which are also the qualifier to a `JwtParserInsecureParseMethodAccess`.
* Models flow from `SigningKeyMethodAccess`es to qualifiers of `JwtParserInsecureParseMethodAccess`es.
* This is used to determine whether a `JwtParser` has a signing key set.
*/
private class SigningToInsecureMethodAccessDataFlow extends DataFlow::Configuration {
@@ -152,7 +151,6 @@ private class SigningToInsecureMethodAccessDataFlow extends DataFlow::Configurat
}
override predicate isSink(DataFlow::Node sink) {
sink.asExpr().getType() instanceof TypeDerivedJwtParser and
any(JwtParserInsecureParseMethodAccess ma).getQualifier() = sink.asExpr()
}