Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 02d0fa9

Browse files
atorralbaatorralba
committed
Minor changes in QLDocs and a sanitizer's type
1 parent 4313baf commit 02d0fa9

2 files changed

Lines changed: 8 additions & 4 deletions

File tree

java/ql/lib/semmle/code/java/security/UnsafeCertTrust.qll

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ private import semmle.code.java.dataflow.DataFlow2
88

99
/**
1010
* The creation of an object that prepares an SSL connection.
11+
* This is a source for `SslEndpointIdentificationFlowConfig`.
1112
*/
1213
class SslConnectionInit extends DataFlow::Node {
1314
SslConnectionInit() {
@@ -18,6 +19,7 @@ class SslConnectionInit extends DataFlow::Node {
1819

1920
/**
2021
* A call to a method that establishes an SSL connection.
22+
* This is a sink for `SslEndpointIdentificationFlowConfig`.
2123
*/
2224
class SslConnectionCreation extends DataFlow::Node {
2325
SslConnectionCreation() {
@@ -41,12 +43,14 @@ class SslConnectionCreation extends DataFlow::Node {
4143
}
4244

4345
/**
44-
* An SSL object that was assigned a safe `SSLParameters` object an can be considered safe.
46+
* An SSL object that was assigned a safe `SSLParameters` object and can be considered safe.
47+
* This is a sanitizer for `SslEndpointIdentificationFlowConfig`.
4548
*/
46-
class SslConnectionWithSafeSslParameters extends Expr {
49+
class SslConnectionWithSafeSslParameters extends DataFlow::Node {
4750
SslConnectionWithSafeSslParameters() {
4851
exists(SafeSslParametersFlowConfig config, DataFlow::Node safe |
49-
config.hasFlowTo(safe) and this = safe.asExpr().(Argument).getCall().getQualifier()
52+
config.hasFlowTo(safe) and
53+
this = DataFlow::exprNode(safe.asExpr().(Argument).getCall().getQualifier())
5054
)
5155
}
5256
}

java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ class SslEndpointIdentificationFlowConfig extends TaintTracking::Configuration {
2323
override predicate isSink(DataFlow::Node sink) { sink instanceof SslConnectionCreation }
2424

2525
override predicate isSanitizer(DataFlow::Node sanitizer) {
26-
sanitizer.asExpr() instanceof SslConnectionWithSafeSslParameters
26+
sanitizer instanceof SslConnectionWithSafeSslParameters
2727
}
2828
}
2929

0 commit comments

Comments
 (0)