Java: Switch to data flow

intrigus · intrigus · commit bdba7e14fe29 · 2021-01-27T11:54:40.000+01:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql b/java/ql/src/experimental/Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql
@@ -9,7 +9,7 @@
 
 import java
 import semmle.code.java.security.Encryption
-import semmle.code.java.dataflow.TaintTracking
+import semmle.code.java.dataflow.DataFlow
 
 /*
  * This query is version specific to JxBrowser < 6.24. The version is indirectly detected.
@@ -57,8 +57,8 @@ private class JxBrowserSafeLoadHandler extends RefType {
   }
 }
 
-private class JxBrowserTaintTracking extends TaintTracking::Configuration {
-  JxBrowserTaintTracking() { this = "JxBrowserTaintTracking" }
+private class JxBrowserFlowConfiguration extends DataFlow::Configuration {
+  JxBrowserFlowConfiguration() { this = "JxBrowserFlowConfiguration" }
 
   override predicate isSource(DataFlow::Node src) {
     exists(ClassInstanceExpr newJxBrowser | newJxBrowser.getConstructedType() instanceof JxBrowser |
@@ -74,7 +74,7 @@ private class JxBrowserTaintTracking extends TaintTracking::Configuration {
   }
 }
 
-from JxBrowserTaintTracking cfg, DataFlow::Node src
+from JxBrowserFlowConfiguration cfg, DataFlow::Node src
 where
   cfg.isSource(src) and
   not cfg.hasFlow(src, _) and

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@`
`9`	`9`
`10`	`10`	`import java`
`11`	`11`	`import semmle.code.java.security.Encryption`
`12`		`-import semmle.code.java.dataflow.TaintTracking`
	`12`	`+import semmle.code.java.dataflow.DataFlow`
`13`	`13`
`14`	`14`	`/*`
`15`	`15`	`* This query is version specific to JxBrowser < 6.24. The version is indirectly detected.`
`@@ -57,8 +57,8 @@ private class JxBrowserSafeLoadHandler extends RefType {`
`57`	`57`	`}`
`58`	`58`	`}`
`59`	`59`
`60`		`-private class JxBrowserTaintTracking extends TaintTracking::Configuration {`
`61`		`- JxBrowserTaintTracking() { this = "JxBrowserTaintTracking" }`
	`60`	`+private class JxBrowserFlowConfiguration extends DataFlow::Configuration {`
	`61`	`+ JxBrowserFlowConfiguration() { this = "JxBrowserFlowConfiguration" }`
`62`	`62`
`63`	`63`	`override predicate isSource(DataFlow::Node src) {`
`64`	`64`	`exists(ClassInstanceExpr newJxBrowser \| newJxBrowser.getConstructedType() instanceof JxBrowser \|`
`@@ -74,7 +74,7 @@ private class JxBrowserTaintTracking extends TaintTracking::Configuration {`
`74`	`74`	`}`
`75`	`75`	`}`
`76`	`76`
`77`		`-from JxBrowserTaintTracking cfg, DataFlow::Node src`
	`77`	`+from JxBrowserFlowConfiguration cfg, DataFlow::Node src`
`78`	`78`	`where`
`79`	`79`	`cfg.isSource(src) and`
`80`	`80`	`not cfg.hasFlow(src, _) and`