mirror of
https://github.com/github/codeql.git
synced 2025-12-29 07:06:43 +01:00
23 lines
580 B
Plaintext
23 lines
580 B
Plaintext
/**
|
|
* @name Empty password in configuration file
|
|
* @description Finds empty passwords in configuration files.
|
|
* @kind problem
|
|
* @problem.severity warning
|
|
* @precision medium
|
|
* @id cs/empty-password-in-configuration
|
|
* @tags security
|
|
* external/cwe/cwe-258
|
|
* external/cwe/cwe-862
|
|
*/
|
|
|
|
import csharp
|
|
|
|
from XMLAttribute a
|
|
where
|
|
a.getName().toLowerCase() = "password" and a.getValue() = ""
|
|
or
|
|
a.getName().toLowerCase() = "pwd" and a.getValue() = ""
|
|
or
|
|
a.getValue().regexpMatch("(?is).*(pwd|password)\\s*=\\s*;.*")
|
|
select a, "Do not use empty passwords."
|