codeql-queries icon indicating copy to clipboard operation
codeql-queries copied to clipboard

Published 20 hours ago verified publisher icon advanced-security

Update CWE-798 to new dataflow API

Open securingdev opened this issue 2 years ago • 2 comments
trafficstars

Add code to update CWE-798 with tests passing for both old and new version of the code 👍

securingdev avatar Aug 21 '23 15:08 securingdev

This fails to compile:

WARNING: string is incompatible with PathNode (the type of the edge relation). (/home/runner/work/codeql-queries/codeql-queries/java/CWE-798/HardcodedBase64Usage.ql:39,32-68)
WARNING: A path-problem query must select a string representing the message as its 4th result. (/home/runner/work/codeql-queries/codeql-queries/java/CWE-7[9](https://github.com/advanced-security/codeql-queries/actions/runs/5930036377/job/16078923822?pr=185#step:5:10)8/HardcodedBase64Usage.ql:39,70-86)

aegilops avatar Aug 29 '23 08:08 aegilops

This repo has been merged with the Security Lab one into the new community-codeql-packs repo which we plan to make public and promote soon. If you would like this PR to be applied to the new repo, please open a new PR there so it can get merged in the new QLPacks.

pwntester avatar Sep 21 '23 12:09 pwntester