Thanks to visit codestin.com Credit goes to github.com
We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent 8fbd8c5 commit ff5d680Copy full SHA for ff5d680
1 file changed
java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstHeader.ql
@@ -69,4 +69,4 @@ class NonConstantTimeComparisonConfig extends TaintTracking::Configuration {
69
from DataFlow::PathNode source, DataFlow::PathNode sink, NonConstantTimeComparisonConfig conf
70
where conf.hasFlowPath(source, sink)
71
select sink.getNode(), source, sink, "Possible timing attack against $@ validation.",
72
- source.getNode()
+ source.getNode(), "client-supplied token"
0 commit comments