hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15643 from owen-mc/java/sensitive-logging

Browse Source 
Java: Sensitive Logging: Simplify definition of source and improve QLDoc
This commit is contained in:
Owen Mansel-Chan
2024-02-20 13:24:23 +00:00
committed by GitHub
parent ea676469bb 22692b9d55
commit e6f9ef5042
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
View File

@@ -8,12 +8,15 @@ import semmle.code.java.frameworks.android.Compose
private import semmle.code.java.security.Sanitizers
/** A variable that may hold sensitive information, judging by its name. */
class CredentialExpr extends Expr {
class VariableWithSensitiveName extends Variable {
VariableWithSensitiveName() { this.getName().regexpMatch(getCommonSensitiveInfoRegex()) }
}
/** A reference to a variable that may hold sensitive information, judging by its name. */
class CredentialExpr extends VarAccess {
CredentialExpr() {
exists(Variable v | this = v.getAnAccess() |
v.getName().regexpMatch(getCommonSensitiveInfoRegex()) and
not this instanceof CompileTimeConstantExpr
)
this.getVariable() instanceof VariableWithSensitiveName and
not this instanceof CompileTimeConstantExpr
}
}