Finish

github · Kwstubbs · Aug 25, 2023 · Aug 29, 2023 · Aug 29, 2023 · Aug 29, 2023
commit 7730ad61cb3ac97d5f714d7e9b94d4207f917e40
@@ -7,6 +7,10 @@ string packageLestrrat() {
     package("github.com/lestrrat-go/jwx/v2/jwt", "")
 
 }
+string packageLestrratv1() {
+  result =
+    package("github.com/lestrrat-go/jwx/jwt", "")
+}
 string packagePathModern() {
     result =
       package(["github.com/golang-jwt/jwt/v5", "github.com/golang-jwt/jwt/v4"], "")
@@ -51,9 +55,14 @@ string packagePathModern() {
         this.hasQualifiedName(packageLestrrat(), "Parse")
     }
   }
-  class LestrratSafeOptions extends Function{
-    LestrratSafeOptions() {
-        this.hasQualifiedName(packageLestrrat(), ["WithKey", "WithKeySet"])
+  class LestrratParsev1 extends Function{
+    LestrratParsev1() {
+        this.hasQualifiedName(packageLestrratv1(), "Parse")
+    }
+  }
+  class LestrratVerify extends Function {
+    LestrratVerify() {
+    this.hasQualifiedName(packageLestrratv1(), "WithVerify")
     }
   }
   class LestrratParseInsecure extends Function{

diff --git a/go/ql/src/Security/CWE-338/codeql_myfork.code-workspace b/go/ql/src/Security/CWE-338/codeql_myfork.code-workspace
@@ -0,0 +1,20 @@
+{
+	"folders": [
+		{
+			"path": "../../../../.."
+		},
+		{
+			"name": "[JWT_good__or_bad source archive]",
+			"uri": "codeql-zip-archive://0-44/Users/kstubbin/JWT/JWT_good__or_bad/src.zip"
+		},
+		{
+			"name": "[lestrrat-JWT source archive]",
+			"uri": "codeql-zip-archive://0-49/Users/kstubbin/lesstrat-JWT/lestrrat-JWT/src.zip"
+		},
+		{
+			"name": "[python source archive]",
+			"uri": "codeql-zip-archive://0-146/Users/kstubbin/Library/Application Support/Code/User/workspaceStorage/db72dba15c9beaace6cf497bdbee92ec/GitHub.vscode-codeql/redash/python/src.zip"
+		}
+	],
+	"settings": {}
+}
diff --git a/go/ql/src/Security/CWE-347/InsecureJWTParsing.go b/go/ql/src/Security/CWE-347/InsecureJWTParsing.go
diff --git a/go/ql/src/Security/CWE-347/JWTParsing.qhelp b/go/ql/src/Security/CWE-347/JWTParsing.qhelp
diff --git a/go/ql/src/Security/CWE-347/JWTParsingSignature.ql b/go/ql/src/Security/CWE-347/JWTParsingSignature.ql
diff --git a/.../Security/CWE-347/JWTParsingAlgorithim.ql → ...mental/CWE-347/JWTParsingWIPAlgorithim.ql b/.../Security/CWE-347/JWTParsingAlgorithim.ql → ...mental/CWE-347/JWTParsingWIPAlgorithim.ql
diff --git a/go/ql/test/query-tests/Security/CWE-347/JWTInsecureParsingLestrrat.go b/go/ql/test/query-tests/Security/CWE-347/JWTInsecureParsingLestrrat.go
diff --git a/go/ql/test/query-tests/Security/CWE-347/JWTParsingAlgorithim.expected b/go/ql/test/query-tests/Security/CWE-347/JWTParsingAlgorithim.expected
diff --git a/go/ql/test/query-tests/Security/CWE-347/JWTParsingAlgorithim.qlref b/go/ql/test/query-tests/Security/CWE-347/JWTParsingAlgorithim.qlref
diff --git a/go/ql/test/query-tests/Security/CWE-347/JWTParsingSignature.expected b/go/ql/test/query-tests/Security/CWE-347/JWTParsingSignature.expected
diff --git a/go/ql/test/query-tests/Security/CWE-347/JWTParsingSignature.qlref b/go/ql/test/query-tests/Security/CWE-347/JWTParsingSignature.qlref
diff --git a/go/ql/test/query-tests/Security/CWE-347/go.mod b/go/ql/test/query-tests/Security/CWE-347/go.mod
diff --git a/...est/query-tests/Security/CWE-347/vendor/github.com/decred/dcrd/dcrec/secp256k1/v4/LICENSE b/...est/query-tests/Security/CWE-347/vendor/github.com/decred/dcrd/dcrec/secp256k1/v4/LICENSE
diff --git a/...sts/Security/CWE-347/vendor/github.com/decred/dcrd/dcrec/secp256k1/v4/README.md b/...sts/Security/CWE-347/vendor/github.com/decred/dcrd/dcrec/secp256k1/v4/README.md
diff --git a/...Security/CWE-347/vendor/github.com/decred/dcrd/dcrec/secp256k1/v4/compressedbytepoints.go b/...Security/CWE-347/vendor/github.com/decred/dcrd/dcrec/secp256k1/v4/compressedbytepoints.go