mirror of
https://github.com/github/codeql.git
synced 2025-12-24 04:36:35 +01:00
20 lines
600 B
Plaintext
20 lines
600 B
Plaintext
import java
|
|
import TestUtilities.InlineExpectationsTest
|
|
import semmle.code.java.security.AndroidCertificatePinningQuery
|
|
|
|
module Test implements TestSig {
|
|
string getARelevantTag() { result = ["hasNoTrustedResult", "hasUntrustedResult"] }
|
|
|
|
predicate hasActualResult(Location loc, string el, string tag, string value) {
|
|
exists(DataFlow::Node node |
|
|
missingPinning(node, _) and
|
|
loc = node.getLocation() and
|
|
el = node.toString() and
|
|
value = "" and
|
|
if trustedDomain(_) then tag = "hasUntrustedResult" else tag = "hasNoTrustedResult"
|
|
)
|
|
}
|
|
}
|
|
|
|
import MakeTest<Test>
|