Update ruby/ql/src/experimental/cwe-208/UnsafeHmacComparison.ql

Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
This commit is contained in:
Brandon Stewart
2023-08-10 09:21:16 -04:00
committed by GitHub
parent 7882cf0bf0
commit b899b648e5

View File

@@ -38,6 +38,7 @@ private module UnsafeHmacComparison {
import DataFlow::Global<Config>
}
private import UnsafeHmacComparison::PathGraph
from UnsafeHmacComparison::PathNode source, UnsafeHmacComparison::PathNode sink
where UnsafeHmacComparison::flowPath(source, sink)
select sink.getNode(), source, sink, "This comparison is potentially vulnerable to a timing attack."