hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
4f54bb66b807ee4b22f6be28cfbb71d21b901b10
codeql/java/ql/test/query-tests/security/CWE-532/Test.java
Tony Torralba 5db8306fef Stop considering usernames sensitive info 
Require variables to be static to be considered constants
2022-05-12 11:46:52 +02:00

23 lines
481 B
Java
Raw Blame History

import org.apache.logging.log4j.Logger;
class Test {
void test(String password) {
Logger logger = null;
logger.info("User's password is: " + password); // $ hasTaintFlow
}
void test2(String authToken) {
Logger logger = null;
logger.error("Auth failed for: " + authToken); // $ hasTaintFlow
}
void test3(String username) {
Logger logger = null;
logger.error("Auth failed for: " + username); // Safe
}
}
Reference in New Issue View Git Blame Copy Permalink