
Commit 0a9df07

committed
Apply suggestions from review.
1 parent 70b0703 commit 0a9df07

2 files changed

Lines changed: 8 additions & 4 deletions


java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,16 +4,20 @@
44
* @kind path-problem
55
* @problem.severity error
66
* @precision high
7-
* @id java/everything-accepting-hostname-verifier
7+
* @id java/insecure-hostname-verifier
88
* @tags security
99
* external/cwe/cwe-297
1010
*/
1111

1212
import java
13-
import semmle.code.java.security.Encryption
13+
14+
import semmle.code.java.controlflow.Guards
1415
import semmle.code.java.dataflow.DataFlow
16+
import semmle.code.java.dataflow.FlowSources
17+
import semmle.code.java.dataflow.TaintTracking2
18+
import semmle.code.java.security.Encryption
19+
1520
import DataFlow::PathGraph
16-
import semmle.code.java.controlflow.Guards
1721

1822
/**
1923
* Holds if `m` always returns `true` ignoring any exceptional flow.
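Review bot: the `@id` rename at line 7 of the header (from `java/everything-accepting-hostname-verifier` to `java/insecure-hostname-verifier`) changes the alert identity, so any existing suppressions, baselines or documentation keyed on the old id stop matching; the hunk carries no deprecation alias or change note for the old id, and one should accompany the rename. Separately, the hunk adds `import semmle.code.java.dataflow.FlowSources` and `import semmle.code.java.dataflow.TaintTracking2`, but none of the visible lines show what either is used for, while the other changes only move `Guards` and `Encryption` earlier in the import list; confirm that each new import is actually needed by the query body and drop any that is not.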

java/ql/src/experimental/Security/CWE/CWE-273/UnsafeCertTrust.qhelp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
<qhelp>
55

66
<overview>
7-
<p>Java offers two mechanisms for SSL authentication - trust manager and hostname verifier (not checked by this query). Trust manager validates the peer's certificate chain while hostname verification establishes that the hostname in the URL matches the hostname in the server's identification.</p>
7+
<p>Java offers two mechanisms for SSL authentication - trust manager and hostname verifier (checked by the <code>java/insecure-hostname-verifier</code> query). Trust manager validates the peer's certificate chain while hostname verification establishes that the hostname in the URL matches the hostname in the server's identification.</p>
88
<p>And when SSLSocket or SSLEngine is created without a valid parameter of setEndpointIdentificationAlgorithm, hostname verification is disabled by default.</p>
99
<p>Unsafe implementation of the interface X509TrustManager and SSLSocket/SSLEngine ignores all SSL certificate validation errors when establishing an HTTPS connection, thereby making the app vulnerable to man-in-the-middle attacks.</p>
1010
<p>This query checks whether trust manager is set to trust all certificates or setEndpointIdentificationAlgorithm is missing. The query also covers a special implementation com.rabbitmq.client.ConnectionFactory.</p>
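Review bot: the changed overview paragraph now points readers to the hostname-verifier check by the raw id `java/insecure-hostname-verifier`, which does match the `@id` set in `UnsafeHostnameVerification.ql` in this same commit, so the two files stay consistent; but a bare query id is hard for qhelp readers to act on, and this qhelp lives under `experimental` while the referenced query lives under `java/ql/src/Security`, so consider naming the query file (`UnsafeHostnameVerification.ql`) next to the id. Since the line is being touched anyway, the spaced hyphen in "SSL authentication - trust manager and hostname verifier" should become a colon.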
