Java: Remove wrong definition of taint tracking

jbj · jbj · commit f1e6e36ce6fd · 2019-08-20T13:45:38.000+02:00
This explanation, taken from C/C++, was not correct for Java.
diff --git a/java/ql/src/semmle/code/java/dataflow/TaintTracking.qll b/java/ql/src/semmle/code/java/dataflow/TaintTracking.qll
@@ -1,11 +1,6 @@
 /**
  * Provides classes for performing local (intra-procedural) and
  * global (inter-procedural) taint-tracking analyses.
- *
- * We define _taint propagation_ informally to mean that a substantial part of
- * the information from the source is preserved at the sink. For example, taint
- * propagates from `x` to `x + 100`, but it does not propagate from `x` to `x >
- * 100` since we consider a single bit of information to be too little.
  */
 import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.DataFlow2
diff --git a/java/ql/src/semmle/code/java/dataflow/TaintTracking2.qll b/java/ql/src/semmle/code/java/dataflow/TaintTracking2.qll
@@ -1,11 +1,6 @@
 /**
  * Provides classes for performing local (intra-procedural) and
  * global (inter-procedural) taint-tracking analyses.
- *
- * We define _taint propagation_ informally to mean that a substantial part of
- * the information from the source is preserved at the sink. For example, taint
- * propagates from `x` to `x + 100`, but it does not propagate from `x` to `x >
- * 100` since we consider a single bit of information to be too little.
  */
 module TaintTracking2 {
   import semmle.code.java.dataflow.internal.tainttracking2.TaintTrackingImpl
