Skip to content

Commit 9b79668

Browse files
raulgarciamsftraulgarciamsft
committed
Addressing some of the feedback. Work still pending
1 parent 7f72513 commit 9b79668

File tree

2 files changed

+8
-8
lines changed

2 files changed

+8
-8
lines changed

csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/JsonWebTokenHandlerLib.qll

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -189,7 +189,7 @@ class CallableAlwaysReturnsTrueHigherPrecision extends CallableAlwaysReturnsTrue
189189
)
190190
or
191191
exists(LambdaExpr le, Call call, CallableAlwaysReturnsTrueHigherPrecision cat | this = le |
192-
call = le.getExpressionBody() and
192+
le.canReturn(call) and
193193
cat.getACall() = call
194194
)
195195
)
@@ -217,7 +217,7 @@ class TokenValidationParametersPropertyWriteToValidationDelegatedIssuerValidator
217217
private class CallableReturnsStringAndArg0IsString extends Callable {
218218
CallableReturnsStringAndArg0IsString() {
219219
this.getReturnType() instanceof StringType and
220-
this.getParameter(0).getType().toString() = "String"
220+
this.getParameter(0).getType() instanceof StringType
221221
}
222222
}
223223

@@ -227,7 +227,7 @@ private class CallableReturnsStringAndArg0IsString extends Callable {
227227
class CallableAlwaysReturnsParameter0 extends CallableReturnsStringAndArg0IsString {
228228
CallableAlwaysReturnsParameter0() {
229229
forall(ReturnStmt rs | rs.getEnclosingCallable() = this |
230-
rs.getChild(0) = this.getParameter(0).getAnAccess()
230+
rs.getExpr() = this.getParameter(0).getAnAccess()
231231
) and
232232
exists(ReturnStmt rs | rs.getEnclosingCallable() = this)
233233
or

csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.expected

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
1-
| security-validation-disabled-test.cs:31:34:31:38 | false | The security sensitive property $@ is being disabled by the followign value: $@. | security-validation-disabled-test.cs:31:17:31:30 | access to property ValidateIssuer | ValidateIssuer | security-validation-disabled-test.cs:31:34:31:38 | false | false |
2-
| security-validation-disabled-test.cs:32:36:32:40 | false | The security sensitive property $@ is being disabled by the followign value: $@. | security-validation-disabled-test.cs:32:17:32:32 | access to property ValidateAudience | ValidateAudience | security-validation-disabled-test.cs:32:36:32:40 | false | false |
3-
| security-validation-disabled-test.cs:33:36:33:40 | false | The security sensitive property $@ is being disabled by the followign value: $@. | security-validation-disabled-test.cs:33:17:33:32 | access to property ValidateLifetime | ValidateLifetime | security-validation-disabled-test.cs:33:36:33:40 | false | false |
4-
| security-validation-disabled-test.cs:34:41:34:45 | false | The security sensitive property $@ is being disabled by the followign value: $@. | security-validation-disabled-test.cs:34:17:34:37 | access to property RequireExpirationTime | RequireExpirationTime | security-validation-disabled-test.cs:34:41:34:45 | false | false |
5-
| security-validation-disabled-test.cs:37:35:37:39 | false | The security sensitive property $@ is being disabled by the followign value: $@. | security-validation-disabled-test.cs:37:17:37:31 | access to property RequireAudience | RequireAudience | security-validation-disabled-test.cs:37:35:37:39 | false | false |
1+
| security-validation-disabled-test.cs:31:34:31:38 | false | The security sensitive property $@ is being disabled by the following value: $@. | security-validation-disabled-test.cs:31:17:31:30 | access to property ValidateIssuer | ValidateIssuer | security-validation-disabled-test.cs:31:34:31:38 | false | false |
2+
| security-validation-disabled-test.cs:32:36:32:40 | false | The security sensitive property $@ is being disabled by the following value: $@. | security-validation-disabled-test.cs:32:17:32:32 | access to property ValidateAudience | ValidateAudience | security-validation-disabled-test.cs:32:36:32:40 | false | false |
3+
| security-validation-disabled-test.cs:33:36:33:40 | false | The security sensitive property $@ is being disabled by the following value: $@. | security-validation-disabled-test.cs:33:17:33:32 | access to property ValidateLifetime | ValidateLifetime | security-validation-disabled-test.cs:33:36:33:40 | false | false |
4+
| security-validation-disabled-test.cs:34:41:34:45 | false | The security sensitive property $@ is being disabled by the following value: $@. | security-validation-disabled-test.cs:34:17:34:37 | access to property RequireExpirationTime | RequireExpirationTime | security-validation-disabled-test.cs:34:41:34:45 | false | false |
5+
| security-validation-disabled-test.cs:37:35:37:39 | false | The security sensitive property $@ is being disabled by the following value: $@. | security-validation-disabled-test.cs:37:17:37:31 | access to property RequireAudience | RequireAudience | security-validation-disabled-test.cs:37:35:37:39 | false | false |

0 commit comments

Comments
 (0)