style:formatDocument

Author: liangjinhuang

python/ql/lib/semmle/python/security/dataflow/InsecureRandomness.qll

@@ -16,7 +16,7 @@ import semmle.python.dataflow.new.TaintTracking
  */
 module InsecureRandomness {
   import InsecureRandomnessCustomizations::InsecureRandomness
-  
+
   /**
    * A taint-tracking configuration for reasoning about random values that are
    * not cryptographically secure.
@@ -29,9 +29,9 @@ module InsecureRandomness {
     override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
 
     override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-    
+
     override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
       guard instanceof SanitizerGuard
     }
   }
-}
+}

python/ql/lib/semmle/python/security/dataflow/InsecureRandomnessCustomizations.qll

@@ -38,22 +38,20 @@ module InsecureRandomness {
    * A random source that is not sufficient for security use. So far this is only made up
    * of the math package's rand function, more insufficient random sources can be added here.
    */
-  class InsecureRandomSource extends Source { 
-    InsecureRandomSource() { 
+  class InsecureRandomSource extends Source {
+    InsecureRandomSource() {
       this =
         API::moduleImport("random")
             .getMember([
-                "betavariate", "choice", "choices", "expovariate",
-                "gammavariate", "gauss", "getrandbits", "getstate",
-                "lognormvariate", "normalvariate", "paretovariate",
-                "randbytes", "randint", "random", "randrange",
-                "sample", "seed", "setstate", "shuffle",
-                "triangular", "uniform", "vonmisesvariate", "weibullvariate"
+                "betavariate", "choice", "choices", "expovariate", "gammavariate", "gauss",
+                "getrandbits", "getstate", "lognormvariate", "normalvariate", "paretovariate",
+                "randbytes", "randint", "random", "randrange", "sample", "seed", "setstate",
+                "shuffle", "triangular", "uniform", "vonmisesvariate", "weibullvariate"
               ])
             .getACall()
     }
   }
-  
+
   /**
    * A use in a function that heuristically deals with unsafe random numbers or random strings.
    */
@@ -73,9 +71,7 @@ module InsecureRandomness {
    */
   class CryptoKeySink extends Sink {
     CryptoKeySink() {
-      exists(Cryptography::CryptographicOperation operation |
-        this = operation.getAnInput()
-      )
+      exists(Cryptography::CryptographicOperation operation | this = operation.getAnInput())
     }
   }
-}
+}

python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql

@@ -20,4 +20,4 @@ import DataFlow::PathGraph
 from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
 where cfg.hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Cryptographically insecure $@ in a security context.",
-  source.getNode(), "random value"
+  source.getNode(), "random value"