Skip to content

Commit 9ec08c1

Browse files
geoffw0geoffw0
committed
Swift: Add a couple of sinks missing from sensitive data hashing as well.
1 parent 3a900f1 commit 9ec08c1

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

swift/ql/lib/codeql/swift/security/WeakSensitiveDataHashingExtensions.qll

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,9 +48,11 @@ private class WeakSensitiveDataHashingSinks extends SinkModelCsv {
4848
// CryptoSwift
4949
";MD5;true;calculate(for:);;;Argument[0];weak-hash-input-MD5",
5050
";MD5;true;callAsFunction(_:);;;Argument[0];weak-hash-input-MD5",
51+
";MD5;true;process(block:currentHash:);;;Argument[0];weak-hash-input-MD5",
5152
";MD5;true;update(withBytes:isLast:);;;Argument[0];weak-hash-input-MD5",
5253
";SHA1;true;calculate(for:);;;Argument[0];weak-hash-input-SHA1",
5354
";SHA1;true;callAsFunction(_:);;;Argument[0];weak-hash-input-SHA1",
55+
";SHA1;true;process(block:currentHash:);;;Argument[0];weak-hash-input-SHA1",
5456
";SHA1;true;update(withBytes:isLast:);;;Argument[0];weak-hash-input-SHA1",
5557
";Digest;true;md5(_:);;;Argument[0];weak-hash-input-MD5",
5658
";Digest;true;sha1(_:);;;Argument[0];weak-hash-input-SHA1",

0 commit comments

Comments
 (0)