Add "tokenizer" to sensitive variable name FPs

2026-04-26 09:15:12 +02:00 · 2024-07-30 15:22:39 +01:00
parent 0704946324
commit e259b25428
2 changed files with 5 additions and 2 deletions
--- a/java/ql/test/query-tests/security/CWE-532/Test.java
+++ b/java/ql/test/query-tests/security/CWE-532/Test.java
@@ -8,6 +8,6 @@ class Test {
        logger.error("Auth failed for: " + authToken); // $ hasTaintFlow
        logger.error("Auth failed for: " + username); // Safe
        logger.error("Auth failed for: " + nullToken); // Safe
-        logger.error("Auth failed for: " + stringTokenizer); // $ hasTaintFlow
+        logger.error("Auth failed for: " + stringTokenizer); // Safe
    }
 }