hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Add prototype query.

Browse Source
This commit is contained in:
Geoffrey White
2025-11-11 16:01:10 +00:00
parent 5eac0f7953
commit f6b7aeaaca
1 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
rust/ql/src/queries/security/CWE-295/DisabledCertificateCheck.ql Normal file
View File

@@ -0,0 +1,22 @@
/**
* @name Disabled TLS certificate check
* @description If an application disables TLS certificate checking, it may be vulnerable to
* man-in-the-middle attacks.
* @kind problem
* @problem.severity warning
* @security-severity 7.5
* @precision high
* @id rust/disabled-certificate-check
* @tags security
* external/cwe/cwe-295
*/
import rust
from CallExprBase fc
where
fc.getStaticTarget().(Function).getName().getText() = ["danger_accept_invalid_certs", "danger_accept_invalid_hostnames"] and
fc.getArg(0).(BooleanLiteralExpr).getTextValue() = "true"
select
fc,
"Disabling TLS certificate validation with 'danger_accept_invalid_certs(true)' can expose the application to man-in-the-middle attacks." // TODO: proper message.