C++: Update SensitiveExprs.qll to clarify the relationship.

geoffw0 · geoffw0 · commit 202b6d44a5ea · 2022-03-28T10:54:56.000+01:00
diff --git a/cpp/ql/lib/semmle/code/cpp/security/SensitiveExprs.qll b/cpp/ql/lib/semmle/code/cpp/security/SensitiveExprs.qll
@@ -1,13 +1,16 @@
 /**
  * Provides classes for heuristically identifying variables and functions that
- * might contain or return a password or other sensitive information.
+ * might contain or return a password or other credential.
+ *
+ * This library is not concerned with other kinds of sensitive private
+ * information. See `PrivateData.qll` for expressions related to that.
  */
 
 import cpp
 
 /**
  * Holds if the name `s` suggests something might contain or return a password
- * or other sensitive information.
+ * or other credential.
  */
 bindingset[s]
 private predicate suspicious(string s) {
@@ -16,7 +19,7 @@ private predicate suspicious(string s) {
 }
 
 /**
- * A variable that might contain a password or other sensitive information.
+ * A variable that might contain a password or other credential.
  */
 class SensitiveVariable extends Variable {
   SensitiveVariable() {
@@ -26,7 +29,7 @@ class SensitiveVariable extends Variable {
 }
 
 /**
- * A function that might return a password or other sensitive information.
+ * A function that might return a password or other credential.
  */
 class SensitiveFunction extends Function {
   SensitiveFunction() {
@@ -36,7 +39,7 @@ class SensitiveFunction extends Function {
 }
 
 /**
- * An expression whose value might be a password or other sensitive information.
+ * An expression whose value might be a password or other credential.
  */
 class SensitiveExpr extends Expr {
   SensitiveExpr() {
