Commit ff9ed0d
committed
Java: Tag queries with CWE-328
CWE-328: Use of Weak Hash, see https://cwe.mitre.org/data/definitions/328.html
Since weak hash functions (md5/sha1) are considered for the
`java/weak-cryptographic-algorithm` query. See
https://github.com/github/codeql/blob/caeeebf572f84f428476ec36745c832f21c8e5c0/java/ql/lib/semmle/code/java/security/Encryption.qll#L148
To keep things consistent between `java/weak-cryptographic-algorithm`
and `java/potentially-weak-cryptographic-algorithm`, I also added the
tag to the latter.1 parent 6b1ac73 commit ff9ed0d
File tree
2 files changed
+2
-0
lines changed- java/ql/src/Security/CWE/CWE-327
2 files changed
+2
-0
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
8 | 8 | | |
9 | 9 | | |
10 | 10 | | |
| 11 | + | |
11 | 12 | | |
12 | 13 | | |
13 | 14 | | |
| |||
Lines changed: 1 addition & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
8 | 8 | | |
9 | 9 | | |
10 | 10 | | |
| 11 | + | |
11 | 12 | | |
12 | 13 | | |
13 | 14 | | |
| |||
0 commit comments