hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 04:39:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: drop SanitizerIn from ClearTextLoggingQuery

Browse Source
This commit is contained in:
Alex Ford
2022-02-08 18:00:35 +00:00
parent 7b4af39315
commit b46e4ccd71
2 changed files with 1 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ruby/ql/lib/codeql/ruby/security/CleartextLoggingCustomizations.qll
View File

@@ -37,11 +37,6 @@ module CleartextLogging {
*/
abstract class Sanitizer extends DataFlow::Node { }
/**
* A node that receives sanitized sensitive information.
*/
abstract class SanitizerIn extends DataFlow::Node { }
/**
* Holds if `re` may be a regular expression that can be used to sanitize
* sensitive data with a call to `sub`.
@@ -83,7 +78,7 @@ module CleartextLogging {
* Logger.new(STDOUT).info password
* ```
*/
private class MaskingReplacerSanitizedNode extends SanitizerIn {
private class MaskingReplacerSanitizedNode extends Sanitizer {
MaskingReplacerSanitizedNode() {
exists(Ssa::Definition def |
exists(MaskingReplacerSanitizer maskCall |

4
ruby/ql/lib/codeql/ruby/security/CleartextLoggingQuery.qll
View File

@@ -28,10 +28,6 @@ class Configuration extends TaintTracking::Configuration {
node instanceof CleartextLogging::Sanitizer
}
override predicate isSanitizerIn(DataFlow::Node node) {
node instanceof CleartextLogging::SanitizerIn
}
override predicate isAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
CleartextLogging::isAdditionalTaintStep(nodeFrom, nodeTo)
}