A data flow sink for “use of a broken or weak cryptographic hashing algorithm on sensitive data” vulnerabilities that applies to data that does require computationally expensive hashing. That is, a broken or weak hashing algorithm or one that is not computationally expensive enough for password hashing.
Import path
import codeql.rust.security.WeakSensitiveDataHashingExtensionsDirect supertypes
Indirect supertypes
Known direct subtypes
Predicates
| getAlgorithmName | Gets the name of the weak hashing algorithm. |
| getSinkType | Gets a string that describes the type of this sink (usually the query it applies to). |
| isComputationallyExpensive | Holds if this sink is for a computationally expensive hash function (meaning that hash function is just weak in some other regard. |
Inherited predicates
| asExpr | Gets the expression that corresponds to this node, if any. | from NodePublic |
| asParameter | Gets the parameter that corresponds to this node, if any. | from NodePublic |
| asPat | Gets the pattern that corresponds to this node, if any. | from NodePublic |
| getLocation | Gets the location of this node. | from NodePublic |
| toString | Gets a textual representation of this node. | from NodePublic |