Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit f5a2fef

Browse files
Jami CogswellJami Cogswell
Jami Cogswell
authored and
Jami Cogswell
committed
update tests for non-path version
1 parent b0af9f9 commit f5a2fef

2 files changed

Lines changed: 21 additions & 7 deletions

File tree

java/ql/lib/semmle/code/java/security/InsufficientKeySizeQuery.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ class AsymmetricKeyTrackingConfiguration extends TaintTracking2::Configuration {
6060
// msg = "Key size should be at least 2048 bits for " + "___" + " encryption."
6161
// }
6262
/**
63-
* Asymmetric (RSA, DSA, DH) key length data flow tracking configuration.
63+
* Asymmetric (EC) key length data flow tracking configuration.
6464
*/
6565
class AsymmetricECCKeyTrackingConfiguration extends TaintTracking2::Configuration {
6666
AsymmetricECCKeyTrackingConfiguration() { this = "AsymmetricECCKeyTrackingConfiguration" }

java/ql/test/query-tests/security/CWE-326/InsufficientKeySizeTest.ql

Lines changed: 20 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -7,15 +7,29 @@ class InsufficientKeySizeTest extends InlineExpectationsTest {
77

88
override string getARelevantTag() { result = "hasInsufficientKeySize" }
99

10+
// * Path-problem
11+
// override predicate hasActualResult(Location location, string element, string tag, string value) {
12+
// tag = "hasInsufficientKeySize" and
13+
// exists(DataFlow::PathNode source, DataFlow::PathNode sink |
14+
// exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink)) or
15+
// exists(AsymmetricECCKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) or
16+
// exists(SymmetricKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink))
17+
// |
18+
// sink.getNode().getLocation() = location and
19+
// element = sink.getNode().toString() and
20+
// value = ""
21+
// )
22+
// }
23+
// * Not path-problem
1024
override predicate hasActualResult(Location location, string element, string tag, string value) {
1125
tag = "hasInsufficientKeySize" and
12-
exists(DataFlow::PathNode source, DataFlow::PathNode sink |
13-
exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink)) or
14-
exists(AsymmetricECCKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) or
15-
exists(SymmetricKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink))
26+
exists(DataFlow::Node source, DataFlow::Node sink |
27+
exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlow(source, sink)) or
28+
exists(AsymmetricECCKeyTrackingConfiguration config2 | config2.hasFlow(source, sink)) or
29+
exists(SymmetricKeyTrackingConfiguration config3 | config3.hasFlow(source, sink))
1630
|
17-
sink.getNode().getLocation() = location and
18-
element = sink.getNode().toString() and
31+
sink.getLocation() = location and
32+
element = sink.toString() and
1933
value = ""
2034
)
2135
}

0 commit comments

Comments
 (0)