hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: avoid missing cryptography uses due to unhandled encryption modes

Browse Source 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
This commit is contained in:
Alex Ford
2022-05-19 15:22:49 +01:00
committed by GitHub
parent 9e483ac4e0
commit f8576fb05b
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python/ql/lib/semmle/python/frameworks/Cryptography.qll
View File

@@ -195,9 +195,9 @@ private module CryptographyModel {
call.getArg(0), call.getArgByName("algorithm")
] and
exists(DataFlow::Node modeArg | modeArg in [call.getArg(1), call.getArgByName("mode")] |
modeArg = modeClassRef(modeName).getReturn().getAUse()
or
modeArg.asExpr() instanceof None and modeName = "<none>"
if modeArg = modeClassRef(modeName).getReturn().getAUse()
then any()
else modeName = "<None or unknown>"
)
)
}