Initial hash models for openssl.

REDMOND\brodes
2025-03-07 14:24:01 -05:00
parent cf72fde911
commit bac0a635f9
8 changed files with 312 additions and 106 deletions


@@ -39,11 +39,11 @@ predicate literalToHashFamilyType(Literal e, Crypto::THashType type) {
class HashKnownAlgorithmLiteralAlgorithmInstance extends Crypto::HashAlgorithmInstance instanceof Literal
{
OpenSSLAlgorithmGetterCall cipherGetterCall;
OpenSSLAlgorithmGetterCall getterCall;
HashKnownAlgorithmLiteralAlgorithmInstance() {
exists(DataFlow::Node src, DataFlow::Node sink |
sink = cipherGetterCall.getValueArgNode() and
sink = getterCall.getValueArgNode() and
src.asExpr() = this and
KnownAlgorithmLiteralToAlgorithmGetterFlow::flow(src, sink) and
// Not just any known value, but specifically a known cipher operation
@@ -56,10 +56,12 @@ class HashKnownAlgorithmLiteralAlgorithmInstance extends Crypto::HashAlgorithmIn
// TODO: should this not be part of the abstract algorithm definition?
Crypto::AlgorithmConsumer getConsumer() {
AlgGetterToAlgConsumerFlow::flow(cipherGetterCall.getResultNode(), DataFlow::exprNode(result))
AlgGetterToAlgConsumerFlow::flow(getterCall.getResultNode(), DataFlow::exprNode(result))
}
override Crypto::THashType getHashFamily() { literalToHashFamilyType(this, result) }
override int getHashSize() { none() } //TODO
override string getRawAlgorithmName() { result = this.(Literal).getValue().toString() }
}
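Review bot: `getHashSize()` near the end of the class is `none()`, so it has no result for any OpenSSL hash literal, and a query that joins on the digest size (for example to tell a short digest from a long one in the same family) will silently drop these instances instead of reporting them. Until the size is modelled, the bare `//TODO` should say so, e.g. `// TODO: digest size not modelled yet; size-dependent queries get no rows for these instances`. Separately, the comment in the characteristic predicate still reads `specifically a known cipher operation` although this class models hashes. The condition it describes lies outside the hunk, so confirm it was retargeted to hashes along with the `cipherGetterCall` to `getterCall` rename.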