hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 15:16:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
6629bd827953c6746f7a5c79de11c48644188d00
codeql/java/ql/lib/semmle/code/java/security/SensitiveApi.qll
Kasper Svendsen c207cfdeb7 Overlay: Add overlay annotations to Java & shared libraries
2025-06-24 10:25:06 +02:00

36 lines
919 B
Plaintext
Raw Blame History

/**
* Provides predicates defining methods that consume sensitive data, such as usernames and passwords.
*/
overlay[local?]
module;
import java
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.dataflow.ExternalFlow
/**
* A node that represents the use of a credential.
*/
abstract class CredentialsSinkNode extends DataFlow::Node { }
/**
* A node representing a password being passed to a method.
*/
class PasswordSink extends CredentialsSinkNode {
PasswordSink() { sinkNode(this, "credentials-password") }
}
/**
* A node representing a username being passed to a method.
*/
class UsernameSink extends CredentialsSinkNode {
UsernameSink() { sinkNode(this, "credentials-username") }
}
/**
* A node representing a cryptographic key being passed to a method.
*/
class CryptoKeySink extends CredentialsSinkNode {
CryptoKeySink() { sinkNode(this, "credentials-key") }
}
Reference in New Issue View Git Blame Copy Permalink