Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit b410791

Browse files
michaelnebelmichaelnebel
committed
C#: Re-factor InsecureRandomness to use the new API.
1 parent e94b492 commit b410791

1 file changed

Lines changed: 13 additions & 12 deletions

File tree

csharp/ql/src/Security Features/InsecureRandomness.ql

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414

1515
import csharp
1616
import semmle.code.csharp.frameworks.Test
17-
import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
17+
import Random::InsecureRandomness::PathGraph
1818

1919
module Random {
2020
import semmle.code.csharp.security.dataflow.flowsources.Remote
@@ -38,21 +38,24 @@ module Random {
3838
/**
3939
* A taint-tracking configuration for insecure randomness in security sensitive context.
4040
*/
41-
class TaintTrackingConfiguration extends TaintTracking::Configuration {
42-
TaintTrackingConfiguration() { this = "RandomDataFlowConfiguration" }
41+
module InsecureRandomnessConfig implements DataFlow::ConfigSig {
42+
predicate isSource(DataFlow::Node source) { source instanceof Source }
4343

44-
override predicate isSource(DataFlow::Node source) { source instanceof Source }
44+
predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
4545

46-
override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
46+
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
4747

48-
override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
49-
50-
override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
48+
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
5149
// succ = array_or_indexer[pred] - use of random numbers in an index
5250
succ.asExpr().(ElementAccess).getAnIndex() = pred.asExpr()
5351
}
5452
}
5553

54+
/**
55+
* A taint-tracking module for insecure randomness in security sensitive context.
56+
*/
57+
module InsecureRandomness = TaintTracking::Global<InsecureRandomnessConfig>;
58+
5659
/** A source of cryptographically insecure random numbers. */
5760
class RandomSource extends Source {
5861
RandomSource() {
@@ -112,10 +115,8 @@ module Random {
112115
}
113116
}
114117

115-
from
116-
Random::TaintTrackingConfiguration randomTracking, DataFlow::PathNode source,
117-
DataFlow::PathNode sink
118-
where randomTracking.hasFlowPath(source, sink)
118+
from Random::InsecureRandomness::PathNode source, Random::InsecureRandomness::PathNode sink
119+
where Random::InsecureRandomness::flowPath(source, sink)
119120
select sink.getNode(), source, sink,
120121
"This uses a cryptographically insecure random number generated at $@ in a security context.",
121122
source.getNode(), source.getNode().toString()

0 commit comments

Comments
 (0)