Module NormalHashFunction
Provides default sources, sinks and sanitizers for detecting “use of a broken or weak cryptographic hashing algorithm on sensitive data” vulnerabilities on sensitive data that does NOT require computationally expensive hashing, as well as extension points for adding your own.
Also see the ComputationallyExpensiveHashFunction module.
Import path
import codeql.rust.security.WeakSensitiveDataHashingExtensionsClasses
| Barrier | A barrier for “use of a broken or weak cryptographic hashing algorithm on sensitive data” vulnerabilities that applies to data that does not require computationally expensive hashing. |
| SensitiveDataAsSource | A flow source modeled by the |
| Sink | A data flow sink for “use of a broken or weak cryptographic hashing algorithm on sensitive data” vulnerabilities that applies to data that does not require computationally expensive hashing. That is, a broken or weak hashing algorithm. |
| Source | A data flow source for “use of a broken or weak cryptographic hashing algorithm on sensitive data” vulnerabilities that does not require computationally expensive hashing. That is, a piece of sensitive data that is not a password. |
| WeakHashingOperationInputAsSink | A flow sink modeled by the |