Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 2e948da

Browse files
yoffyoff
committed
Python: suggested refactor
1 parent 1be2be8 commit 2e948da

2 files changed

Lines changed: 5 additions & 4 deletions

File tree

python/ql/src/Security/CWE-327/FluentApiModel.qll

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -67,9 +67,8 @@ predicate unsafe_connection_creation(
6767
}
6868

6969
/** A connection is created insecurely without reference to a context. */
70-
predicate unsafe_context_creation(DataFlow::Node node, string insecure_version, CallNode call) {
70+
predicate unsafe_context_creation(DataFlow::CallCfgNode call, string insecure_version) {
7171
exists(TlsLibrary l, ContextCreation cc | cc = l.insecure_context_creation(insecure_version) |
72-
cc = node and
73-
cc.getNode() = call
72+
cc = call
7473
)
7574
}

python/ql/src/Security/CWE-327/InsecureProtocol.ql

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,9 @@ from
3737
where
3838
unsafe_connection_creation(creation, insecure_version, contextOrigin, specific)
3939
or
40-
unsafe_context_creation(creation, insecure_version, contextOrigin.asCfgNode()) and specific = true
40+
unsafe_context_creation(creation, insecure_version) and
41+
contextOrigin = creation and
42+
specific = true
4143
select creation,
4244
"Insecure SSL/TLS protocol version " + insecure_version + " " + verb(specific) + " by $@ ",
4345
contextOrigin, originName(contextOrigin)

0 commit comments

Comments
 (0)