hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Re-factor ThreadUnsafeICryptoTransformLambda to use the new API.

Browse Source
This commit is contained in:
Michael Nebel
2023-04-13 14:36:52 +02:00
parent e3cbebae30
commit eb7e401aea
1 changed files with 8 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql
View File

@@ -18,21 +18,20 @@ import csharp
import ParallelSink
import ICryptoTransform
class NotThreadSafeCryptoUsageIntoParallelInvokeConfig extends TaintTracking::Configuration {
NotThreadSafeCryptoUsageIntoParallelInvokeConfig() {
this = "NotThreadSafeCryptoUsageIntoParallelInvokeConfig"
}
override predicate isSource(DataFlow::Node source) {
module NotThreadSafeCryptoUsageIntoParallelInvokeConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
source instanceof LambdaCapturingICryptoTransformSource
}
override predicate isSink(DataFlow::Node sink) { sink instanceof ParallelSink }
predicate isSink(DataFlow::Node sink) { sink instanceof ParallelSink }
}
from Expr e, string m, LambdaExpr l, NotThreadSafeCryptoUsageIntoParallelInvokeConfig config
module NotThreadSafeCryptoUsageIntoParallelInvoke =
TaintTracking::Global<NotThreadSafeCryptoUsageIntoParallelInvokeConfig>;
from Expr e, string m, LambdaExpr l
where
config.hasFlow(DataFlow::exprNode(l), DataFlow::exprNode(e)) and
NotThreadSafeCryptoUsageIntoParallelInvoke::flow(DataFlow::exprNode(l), DataFlow::exprNode(e)) and
m =
"A $@ seems to be used to start a new thread is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type."
select e, m, l, "lambda expression"