Skip to content

Commit

Permalink
Refactor HardcodedCredentials to use new SensitiveApi api
Browse files Browse the repository at this point in the history
  • Loading branch information
egregius313 committed Aug 16, 2023
1 parent 6d638b7 commit d7ef0da
Showing 1 changed file with 4 additions and 9 deletions.
13 changes: 4 additions & 9 deletions java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll
Original file line number Diff line number Diff line change
Expand Up @@ -59,15 +59,10 @@ abstract class CredentialsSink extends Expr {
*/
class CredentialsApiSink extends CredentialsSink {
CredentialsApiSink() {
exists(Call call, int i |
this = call.getArgument(i) and
(
javaApiCallableUsernameParam(call.getCallee(), i) or
javaApiCallablePasswordParam(call.getCallee(), i) or
javaApiCallableCryptoKeyParam(call.getCallee(), i) or
otherApiCallableCredentialParam(call.getCallee(), i)
)
)
this = any(PasswordParameter p).asExpr() or
this = any(UsernameParameter p).asExpr() or
this = any(CryptoKeyParameter p).asExpr() or
this = any(CredentialParameter p).asExpr()
}
}

Expand Down

0 comments on commit d7ef0da

Please sign in to comment.