Remove unused imports; use set literals in hasName

atorralba · atorralba · commit a62997463f3c · 2021-05-06T09:18:48.000+02:00
diff --git a/java/ql/src/semmle/code/java/security/XPath.qll b/java/ql/src/semmle/code/java/security/XPath.qll
@@ -1,6 +1,5 @@
 import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.dataflow.TaintTracking
-import semmle.code.java.security.XmlParsers
 
 /**
  * An abstract type representing a call to interpret XPath expressions.
@@ -18,9 +17,7 @@ class XPath extends RefType {
 class XPathEvaluateOrCompile extends XPathSink {
   XPathEvaluateOrCompile() {
     exists(Method m | this.getMethod() = m and m.getDeclaringType() instanceof XPath |
-      m.hasName("evaluate")
-      or
-      m.hasName("compile")
+      m.hasName(["evaluate", "compile"])
     )
   }
 
@@ -36,7 +33,7 @@ class Dom4JNode extends RefType {
 class NodeSelectNodes extends XPathSink {
   NodeSelectNodes() {
     exists(Method m | this.getMethod() = m and m.getDeclaringType() instanceof Dom4JNode |
-      m.hasName("selectNodes") or m.hasName("selectSingleNode")
+      m.hasName(["selectNodes", "selectSingleNode"])
     )
   }
 
diff --git a/java/ql/test/experimental/query-tests/security/CWE-643/A.java b/java/ql/test/experimental/query-tests/security/CWE-643/A.java
@@ -1,5 +1,3 @@
-import javax.xml.*;
-
 import org.w3c.dom.Document;
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,5 @@`
`1`	`1`	`import semmle.code.java.dataflow.FlowSources`
`2`	`2`	`import semmle.code.java.dataflow.TaintTracking`
`3`		`-import semmle.code.java.security.XmlParsers`
`4`	`3`
`5`	`4`	`/**`
`6`	`5`	`* An abstract type representing a call to interpret XPath expressions.`
`@@ -18,9 +17,7 @@ class XPath extends RefType {`
`18`	`17`	`class XPathEvaluateOrCompile extends XPathSink {`
`19`	`18`	`XPathEvaluateOrCompile() {`
`20`	`19`	`exists(Method m \| this.getMethod() = m and m.getDeclaringType() instanceof XPath \|`
`21`		`- m.hasName("evaluate")`
`22`		`- or`
`23`		`- m.hasName("compile")`
	`20`	`+ m.hasName(["evaluate", "compile"])`
`24`	`21`	`)`
`25`	`22`	`}`
`26`	`23`
`@@ -36,7 +33,7 @@ class Dom4JNode extends RefType {`
`36`	`33`	`class NodeSelectNodes extends XPathSink {`
`37`	`34`	`NodeSelectNodes() {`
`38`	`35`	`exists(Method m \| this.getMethod() = m and m.getDeclaringType() instanceof Dom4JNode \|`
`39`		`- m.hasName("selectNodes") or m.hasName("selectSingleNode")`
	`36`	`+ m.hasName(["selectNodes", "selectSingleNode"])`
`40`	`37`	`)`
`41`	`38`	`}`
`42`	`39`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,3 @@`
`1`		`-import javax.xml.*;`
`2`		`-`
`3`	`1`	`import org.w3c.dom.Document;`
`4`	`2`	`import org.xml.sax.InputSource;`
`5`	`3`	`import org.xml.sax.SAXException;`