Skip to content

Commit a10b11e

Browse files
smowtonsmowton
authored
Fix spelling and remove dead code
1 parent ae6fda0 commit a10b11e

File tree

1 file changed

+6
-16
lines changed

1 file changed

+6
-16
lines changed

go/ql/src/experimental/CWE-203/Timing.ql

Lines changed: 6 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/**
2-
* @name Timing attacks due to comparision of sensitive secrets
3-
* @description using a non-constant time comparision method to comapre secrets can lead to authoriztion vulnerabilities
2+
* @name Timing attacks due to comparison of sensitive secrets
3+
* @description using a non-constant time comparison method to comapre secrets can lead to authoriztion vulnerabilities
44
* @kind path-problem
55
* @problem.severity warning
66
* @id go/timing-attack
@@ -19,27 +19,17 @@ private predicate isBadResult(DataFlow::Node e) {
1919
)
2020
}
2121

22-
/**
23-
* A data flow source for timing attack vulnerabilities.
24-
*/
25-
abstract class Source extends DataFlow::Node { }
26-
2722
/**
2823
* A data flow sink for timing attack vulnerabilities.
2924
*/
3025
abstract class Sink extends DataFlow::Node { }
3126

32-
/**
33-
* A sanitizer for timing attack vulnerabilities.
34-
*/
35-
abstract class Sanitizer extends DataFlow::Node { }
36-
37-
/** A taint-tracking sink which models comparisions of sensitive variables. */
27+
/** A taint-tracking sink which models comparisons of sensitive variables. */
3828
private class SensitiveCompareSink extends Sink {
3929
ComparisonExpr c;
4030

4131
SensitiveCompareSink() {
42-
// We select a comparision where a secret or password is tested.
32+
// We select a comparison where a secret or password is tested.
4333
exists(SensitiveVariableAccess op1, Expr op2 |
4434
op1.getClassification() = [SensitiveExpr::secret(), SensitiveExpr::password()] and
4535
// exclude grant to avoid FP from OAuth
@@ -48,10 +38,10 @@ private class SensitiveCompareSink extends Sink {
4838
op2 = c.getAnOperand() and
4939
not op1 = op2 and
5040
not (
51-
// Comparisions with `nil` should be excluded.
41+
// Comparisons with `nil` should be excluded.
5242
op2 = Builtin::nil().getAReference()
5343
or
54-
// Comparisions with empty string should also be excluded.
44+
// Comparisons with empty string should also be excluded.
5545
op2.getStringValue().length() = 0
5646
)
5747
|

0 commit comments

Comments
 (0)