QLDocs

egregius313 · egregius313 · commit 1c3993e632d4 · 2023-12-15T11:09:07.000-05:00
diff --git a/java/ql/lib/semmle/code/java/security/MaybeBrokenCryptoAlgorithmQuery.qll b/java/ql/lib/semmle/code/java/security/MaybeBrokenCryptoAlgorithmQuery.qll
@@ -50,6 +50,12 @@ private class GetPropertyMethodCall extends MethodCall {
   }
 }
 
+/**
+ * Get the string value represented by the given expression.
+ *
+ * If the value is a string literal, return the literal value.
+ * If the value is a call to `java.util.Properties::getProperty`, return the potential values of the property.
+ */
 string insecureAlgorithmName(DataFlow::Node algo) {
   result = algo.asExpr().(StringLiteral).getValue()
   or

Original file line number	Diff line number	Diff line change
`@@ -50,6 +50,12 @@ private class GetPropertyMethodCall extends MethodCall {`
`50`	`50`	`}`
`51`	`51`	`}`
`52`	`52`
	`53`	`+/**`
	`54`	`+ * Get the string value represented by the given expression.`
	`55`	`+ *`
	`56`	`+ * If the value is a string literal, return the literal value.`
	`57`	+ * If the value is a call to `java.util.Properties::getProperty`, return the potential values of the property.
	`58`	`+ */`
`53`	`59`	`string insecureAlgorithmName(DataFlow::Node algo) {`
`54`	`60`	`result = algo.asExpr().(StringLiteral).getValue()`
`55`	`61`	`or`