hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Crypto: Fix QL-for-QL alert and auto-format

Browse Source
This commit is contained in:
Nicolas Will
2025-10-09 13:59:51 +02:00
parent f524de4afc
commit fdba3acc4b
3 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/lib/experimental/quantum/Language.qll
View File

@@ -115,7 +115,7 @@ private class ConstantDataSourceLiteral extends Crypto::GenericConstantSourceIns
private class ConstantDataSourceArrayInitializer extends Crypto::GenericConstantSourceInstance instanceof ArrayInit
{
ConstantDataSourceArrayInitializer() { exists(Literal l | this.getAnInit() = l) }
ConstantDataSourceArrayInitializer() { this.getAnInit() instanceof Literal }
override DataFlow::Node getOutputNode() { result.asExpr() = this }

7
java/ql/src/experimental/quantum/Analysis/NonAESGCMCipher.ql
View File

@@ -19,6 +19,7 @@ class NonAESGCMAlgorithmNode extends Crypto::KeyOperationAlgorithmNode {
}
from Crypto::KeyOperationNode op, Crypto::KeyOperationOutputNode codeNode
where op.getAKnownAlgorithm() instanceof NonAESGCMAlgorithmNode and
codeNode = op.getAnOutputArtifact()
select op, "Non-AES-GCM instance."
where
op.getAKnownAlgorithm() instanceof NonAESGCMAlgorithmNode and
codeNode = op.getAnOutputArtifact()
select op, "Non-AES-GCM instance."

2
java/ql/src/experimental/quantum/Analysis/WeakKDFIterationCount.ql
View File

@@ -17,4 +17,4 @@ where
op.getIterationCount().asElement() = l and
l.getValue().toInt() < 100000
select op, "Key derivation operation configures iteration count below 100k: $@", l,
l.getValue().toString()
l.getValue().toString()