Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 333130b

Browse files
smowtonsmowton
committed
Abbreviate isSink
1 parent 80a2b38 commit 333130b

1 file changed

Lines changed: 1 addition & 7 deletions

File tree

java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstHeader.ql

Lines changed: 1 addition & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -28,12 +28,6 @@ private predicate isNonConstantEqualsCallArgument(Expr e) {
2828
e = [call.getQualifier(), call.getAnArgument()]
2929
}
3030

31-
32-
class NonConstantTimeComparisonSink extends DataFlow::Node {
33-
NonConstantTimeComparisonSink() {
34-
isNonConstantEqualsCallArgument(this.asExpr())
35-
}
36-
}
3731
class ClientSuppliedIpTokenCheck extends DataFlow::Node {
3832
ClientSuppliedIpTokenCheck() {
3933
exists(MethodAccess ma |
@@ -52,7 +46,7 @@ class NonConstantTimeComparisonConfig extends TaintTracking::Configuration {
5246

5347
override predicate isSource(DataFlow::Node source) { source instanceof ClientSuppliedIpTokenCheck }
5448

55-
override predicate isSink(DataFlow::Node sink) { sink instanceof NonConstantTimeComparisonSink }
49+
override predicate isSink(DataFlow::Node sink) { isNonConstantEqualsCallArgument(sink.asExpr()) }
5650
}
5751

5852
from DataFlow::PathNode source, DataFlow::PathNode sink, NonConstantTimeComparisonConfig conf

0 commit comments

Comments
 (0)