Rename to InsecureRandomness

Author: egregius313

java/ql/lib/semmle/code/java/security/WeakRandomnessQuery.qll renamed to java/ql/lib/semmle/code/java/security/InsecureRandomnessQuery.qll

@@ -1,4 +1,4 @@
-/** Provides classes and predicates for reasoning about weak randomness. */
+/** Provides classes and predicates for reasoning about insecure randomness. */
 
 import java
 private import semmle.code.java.frameworks.Servlets
@@ -9,13 +9,13 @@ private import semmle.code.java.dataflow.ExternalFlow
 private import semmle.code.java.security.RandomQuery
 
 /**
- * A node representing a source of weak randomness.
+ * A node representing a source of insecure randomness.
  *
  * For example, use of `java.util.Random` or `java.lang.Math.random`.
  */
-abstract class WeakRandomnessSource extends DataFlow::Node { }
+abstract class InsecureRandomnessSource extends DataFlow::Node { }
 
-private class RandomMethodSource extends WeakRandomnessSource {
+private class RandomMethodSource extends InsecureRandomnessSource {
   RandomMethodSource() {
     exists(RandomDataSource s | this.asExpr() = s.getOutput() |
       not s.getQualifier().getType() instanceof SafeRandomImplementation
@@ -40,14 +40,14 @@ private class TypeHadoopOsSecureRandom extends SafeRandomImplementation {
 }
 
 /**
- * A node representing an operation which should not use a weakly random value.
+ * A node representing an operation which should not use a Insecurely random value.
  */
-abstract class WeakRandomnessSink extends DataFlow::Node { }
+abstract class InsecureRandomnessSink extends DataFlow::Node { }
 
 /**
  * A node which sets the value of a cookie.
  */
-private class CookieSink extends WeakRandomnessSink {
+private class CookieSink extends InsecureRandomnessSink {
   CookieSink() {
     exists(Call c |
       c.(ClassInstanceExpr).getConstructedType() instanceof TypeCookie and
@@ -60,19 +60,19 @@ private class CookieSink extends WeakRandomnessSink {
   }
 }
 
-private class SensitiveActionSink extends WeakRandomnessSink {
+private class SensitiveActionSink extends InsecureRandomnessSink {
   SensitiveActionSink() { this.asExpr() instanceof SensitiveExpr }
 }
 
-private class CredentialsSink extends WeakRandomnessSink instanceof CredentialsSinkNode { }
+private class CredentialsSink extends InsecureRandomnessSink instanceof CredentialsSinkNode { }
 
 /**
- * A taint-tracking configuration for weak randomness.
+ * A taint-tracking configuration for Insecure randomness.
  */
-module WeakRandomnessConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) { src instanceof WeakRandomnessSource }
+module InsecureRandomnessConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node src) { src instanceof InsecureRandomnessSource }
 
-  predicate isSink(DataFlow::Node sink) { sink instanceof WeakRandomnessSink }
+  predicate isSink(DataFlow::Node sink) { sink instanceof InsecureRandomnessSink }
 
   predicate isBarrierIn(DataFlow::Node n) { isSource(n) }
 
@@ -92,6 +92,6 @@ module WeakRandomnessConfig implements DataFlow::ConfigSig {
 }
 
 /**
- * Taint-tracking flow of a weakly random value into a sensitive sink.
+ * Taint-tracking flow of a Insecurely random value into a sensitive sink.
  */
-module WeakRandomnessFlow = TaintTracking::Global<WeakRandomnessConfig>;
+module InsecureRandomnessFlow = TaintTracking::Global<InsecureRandomnessConfig>;

java/ql/src/Security/CWE/CWE-330/WeakRandomness.qhelp renamed to java/ql/src/Security/CWE/CWE-330/InsecureRandomness.qhelp

@@ -0,0 +1,23 @@
+/**
+ * @name Insecure randomness
+ * @description Using a cryptographically Insecure pseudo-random number generator to generate a
+ *              security-sensitive value may allow an attacker to predict what value will
+ *              be generated.
+ * @kind path-problem
+ * @problem.severity warning
+ * @security-severity 7.8
+ * @precision high
+ * @id java/insecure-randomness
+ * @tags security
+ *      external/cwe/cwe-330
+ *      external/cwe/cwe-338
+ */
+
+import java
+import semmle.code.java.security.InsecureRandomnessQuery
+import InsecureRandomnessFlow::PathGraph
+
+from InsecureRandomnessFlow::PathNode source, InsecureRandomnessFlow::PathNode sink
+where InsecureRandomnessFlow::flowPath(source, sink)
+select sink.getNode(), source, sink, "Potential Insecure randomness due to a $@.", source.getNode(),
+  "Insecure randomness source."