Skip to content

Commit cf57837

Browse files
erik-krogherik-krogh
committed
fix some stuff
1 parent bb7eea7 commit cf57837

File tree

3 files changed

+14
-15
lines changed

3 files changed

+14
-15
lines changed

java/ql/src/Security/CWE/CWE-022/TaintedPath.ql

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -70,5 +70,5 @@ DataFlow::Node getReportingNode(DataFlow::Node sink) {
7070

7171
from DataFlow::PathNode source, DataFlow::PathNode sink, TaintedPathConfig conf
7272
where conf.hasFlowPath(source, sink)
73-
select sink.getNode(), source, sink, "This path depends on a $@.", source.getNode(),
74-
"user-provided value"
73+
select getReportingNode(sink.getNode()), source, sink, "This path depends on a $@.",
74+
source.getNode(), "user-provided value"

java/ql/src/Security/CWE/CWE-312/CleartextStorageClass.ql

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,5 +19,5 @@ where
1919
input = s.getAnInput() and
2020
store = s.getAStore() and
2121
data.flowsTo(input)
22-
select store, "This stores the storable class $@ containing $@ which was.", s, s.toString(), data,
23-
"sensitive data", input, "previously added"
22+
select store, "This stores the storable class $@ containing $@ which was $@.", s, s.toString(),
23+
data, "sensitive data", input, "previously added"

java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected

Lines changed: 10 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,3 @@
1-
WARNING: Unused predicate getReportingNode (/Users/erik/dev/code/ql/java/ql/src/Security/CWE/CWE-022/TaintedPath.ql:64,16-32)
21
edges
32
| Test.java:19:18:19:38 | getHostName(...) : String | Test.java:24:20:24:23 | temp |
43
| Test.java:19:18:19:38 | getHostName(...) : String | Test.java:27:21:27:24 | temp |
@@ -37,14 +36,14 @@ nodes
3736
| Test.java:101:12:101:54 | new URI(...) | semmle.label | new URI(...) |
3837
subpaths
3938
#select
40-
| Test.java:24:20:24:23 | temp | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:24:20:24:23 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
41-
| Test.java:27:21:27:24 | temp | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:27:21:27:24 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
42-
| Test.java:30:44:30:47 | temp | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:30:44:30:47 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
43-
| Test.java:34:21:34:24 | temp | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:34:21:34:24 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
44-
| Test.java:82:67:82:81 | ... + ... | Test.java:79:74:79:97 | getInputStream(...) : ServletInputStream | Test.java:82:67:82:81 | ... + ... | This path depends on a $@. | Test.java:79:74:79:97 | getInputStream(...) | user-provided value |
39+
| Test.java:24:11:24:24 | new File(...) | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:24:20:24:23 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
40+
| Test.java:27:11:27:25 | get(...) | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:27:21:27:24 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
41+
| Test.java:30:11:30:48 | getPath(...) | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:30:44:30:47 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
42+
| Test.java:34:12:34:25 | new File(...) | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:34:21:34:24 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
43+
| Test.java:82:52:82:88 | new FileWriter(...) | Test.java:79:74:79:97 | getInputStream(...) : ServletInputStream | Test.java:82:67:82:81 | ... + ... | This path depends on a $@. | Test.java:79:74:79:97 | getInputStream(...) | user-provided value |
4544
| Test.java:90:26:90:29 | temp | Test.java:88:17:88:37 | getHostName(...) : String | Test.java:90:26:90:29 | temp | This path depends on a $@. | Test.java:88:17:88:37 | getHostName(...) | user-provided value |
46-
| Test.java:97:12:97:33 | new URI(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:97:12:97:33 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
47-
| Test.java:98:12:98:33 | new URI(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:98:12:98:33 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
48-
| Test.java:99:12:99:33 | new URI(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:99:12:99:33 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
49-
| Test.java:100:12:100:45 | new URI(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:100:12:100:45 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
50-
| Test.java:101:12:101:54 | new URI(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:101:12:101:54 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
45+
| Test.java:97:3:97:34 | new File(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:97:12:97:33 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
46+
| Test.java:98:3:98:34 | new File(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:98:12:98:33 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
47+
| Test.java:99:3:99:34 | new File(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:99:12:99:33 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
48+
| Test.java:100:3:100:46 | new File(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:100:12:100:45 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
49+
| Test.java:101:3:101:55 | new File(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:101:12:101:54 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |

0 commit comments

Comments
 (0)