A configuration to model the flow of an insecure TrustManager
to the initialization of an SSL context.
Import path
import semmle.code.java.security.InsecureTrustManagerQuery
Predicates
| allowImplicitRead | Holds if an arbitrary number of implicit read steps of content c may be taken at node.
|
| getASelectedSourceLocation | Gets a location that will be associated with the given source in a diff-informed query that uses this configuration (see observeDiffInformedIncrementalMode). By default, this is the location of the source itself, but this predicate should include any locations that are reported as the primary-location of the query or as an additional location (“$@” interpolation). Queries with @kind path-problem that override this predicate should also return the location of the source itself. For a query that doesn’t report the source at all, this predicate should be none().
|
| isSink | Holds if sink is a relevant data flow sink.
|
| isSource | Holds if source is a relevant data flow source.
|
| observeDiffInformedIncrementalMode | Holds if sources and sinks should be filtered to only include those that may lead to a flow path with either a source or a sink in the location range given by AlertFiltering. This only has an effect when running in diff-informed incremental mode.
|