Skip to content

Java: Checking if map has specific key #160

Answered by intrigus-lgtm
h0ng10 asked this question in General
Discussion options

You must be logged in to vote

Please ignore this answer, it does not really work.
Instead look at this improved answer: #235 (comment)

For the next time (not specific to you but in general, when I'm seeing such questions here) it would be great if you could include a sample project that is accessible on lgtm.com.
Otherwise no one can easily test your query.

Here is a (untested!) query that should work.
It looks for flow from any Map to your sensitive function.
If there is a call that puts something into forceAuthentication we consider the flow safe.
Note that this is not 100% correct since it would be possible that someone clears the map afterwards.
We would still consider this safe

/**
 * @kind path-problem
 * @id foo

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@h0ng10
Comment options

Answer selected by xcorail
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
2 participants