From f2688c4a021182394748046bbdf51ec9aa205005 Mon Sep 17 00:00:00 2001
From: Ahmed Farid <farid532009@gmail.com>
Date: Wed, 31 Aug 2022 12:39:00 +0100
Subject: [PATCH] Update `select` statement

---
 .../PossibleTimingAttackAgainstHash.ql                        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.ql b/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.ql
index 71e82bd715f..0d5809694b3 100644
--- a/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.ql
+++ b/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.ql
@@ -25,7 +25,7 @@ import DataFlow::PathGraph
 class PossibleTimingAttackAgainstHash extends TaintTracking::Configuration {
   PossibleTimingAttackAgainstHash() { this = "PossibleTimingAttackAgainstHash" }
 
-  override predicate isSource(DataFlow::Node source) { source instanceof ProduceHashCall }
+  override predicate isSource(DataFlow::Node source) { source instanceof ProduceCryptoCall }
 
   override predicate isSink(DataFlow::Node sink) { sink instanceof NonConstantTimeComparisonSink }
 }
@@ -33,4 +33,4 @@ class PossibleTimingAttackAgainstHash extends TaintTracking::Configuration {
 from PossibleTimingAttackAgainstHash config, DataFlow::PathNode source, DataFlow::PathNode sink
 where config.hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Possible Timing attack against $@ validation.",
-  source.getNode(), "message"
+  source.getNode().(ProduceCryptoCall).getResultType(), "message"