Fix encryption sanitizer

atorralba · atorralba · commit d0b9920cac5c · 2021-09-23T10:42:30.000+02:00
It now discards sensitive exprs (sources) instead of sinks for better precision
diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageQuery.qll
@@ -88,7 +88,7 @@ private class EncryptedValueFlowConfig extends DataFlow4::Configuration {
     src.asExpr() instanceof EncryptedSensitiveMethodAccess
   }
 
-  override predicate isSink(DataFlow::Node sink) { sink instanceof CleartextStorageSink }
+  override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof SensitiveExpr }
 }
 
 /** A taint step for `EditText.toString` in Android. */

Original file line number	Diff line number	Diff line change
`@@ -88,7 +88,7 @@ private class EncryptedValueFlowConfig extends DataFlow4::Configuration {`
`88`	`88`	`src.asExpr() instanceof EncryptedSensitiveMethodAccess`
`89`	`89`	`}`
`90`	`90`
`91`		`- override predicate isSink(DataFlow::Node sink) { sink instanceof CleartextStorageSink }`
	`91`	`+ override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof SensitiveExpr }`
`92`	`92`	`}`
`93`	`93`
`94`	`94`	/** A taint step for `EditText.toString` in Android. */