Skip to content

Commit 4832dc5

Browse files
owen-mcowen-mc
committed
Whitelist variable name tokenImage 
1 parent 63a04c0 commit 4832dc5

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,8 @@ class VariableWithSensitiveName extends Variable {
1212
VariableWithSensitiveName() {
1313
exists(string name | name = this.getName() |
1414
name.regexpMatch(getCommonSensitiveInfoRegex()) and
15-
not name.regexpMatch("(?i).*null.*")
15+
not name.regexpMatch("(?i).*null.*") and
16+
not name.matches("tokenImage") // appears in parser code generated by JavaCC
1617
)
1718
}
1819
}

0 commit comments

Comments
 (0)