fix most al/alert-message-violation in Java

Author: erik-krogh

java/ql/src/Frameworks/Spring/Architecture/Refactoring Opportunities/MissingParentBean.ql

@@ -34,6 +34,6 @@ where
   bean1.getBeanIdentifier() < bean2.getBeanIdentifier() and
   bean1 != bean2
 select bean1,
-  "Bean $@ has " + similarProps.toString() +
+  "This bean has " + similarProps.toString() +
     " properties similar to $@. Consider introducing a common parent bean for these two beans.",
-  bean1, bean1.getBeanIdentifier(), bean2, bean2.getBeanIdentifier()
+  bean2, bean2.getBeanIdentifier()

java/ql/src/Frameworks/Spring/Violations of Best Practice/ParentShouldNotUseAbstractClass.ql

@@ -26,5 +26,4 @@ class ParentBean extends SpringBean {
 
 from ParentBean parent
 where parent.getDeclaredClass().isAbstract()
-select parent, "Parent bean $@ should not have an abstract class.", parent,
-  parent.getBeanIdentifier()
+select parent, "This parent bean should not have an abstract class."

java/ql/src/Language Abuse/UselessNullCheck.ql

@@ -21,10 +21,10 @@ where
   e = clearlyNotNullExpr(reason) and
   (
     if reason instanceof Guard
-    then msg = "This check is useless, $@ cannot be null here, since it is guarded by $@."
+    then msg = "This check is useless. $@ cannot be null at this check, since it is guarded by $@."
     else
       if reason != e
-      then msg = "This check is useless, $@ cannot be null here, since $@ always is non-null."
+      then msg = "This check is useless. $@ cannot be null this check, since $@ always is non-null."
       else msg = "This check is useless, since $@ always is non-null."
   )
 select guard, msg, e, e.toString(), reason, reason.toString()

java/ql/src/Likely Bugs/Collections/IteratorRemoveMayFail.ql

@@ -72,5 +72,5 @@ where
   remove.getCallee().hasName("remove") and
   iterOfSpecialCollection(remove.getQualifier(), scc)
 select remove,
-  "This call may fail when iterating over the collection created $@, since it does not support element removal.",
-  scc, "here"
+  "This call may fail when iterating over $@, since it does not support element removal.",
+  scc, "the collection"

java/ql/src/Likely Bugs/Comparison/MissingInstanceofInEquals.ql

@@ -77,4 +77,4 @@ where
   // Exclude `equals` methods that implement reference-equality.
   not m instanceof ReferenceEquals and
   not m instanceof UnimplementedEquals
-select m, "equals() method does not check argument type."
+select m, "This 'equals()' method does not check argument type."

java/ql/src/Likely Bugs/Comparison/WrongNanComparison.ql

@@ -21,4 +21,4 @@ where
   eq.getAnOperand() = f.getAnAccess() and nanField(f) and f.getDeclaringType().hasName(classname)
 select eq,
   "This comparison will always yield the same result since 'NaN != NaN'. Consider using " +
-    classname + ".isNaN instead"
+    classname + ".isNaN instead."

java/ql/src/Likely Bugs/Concurrency/SleepWithLock.ql

@@ -23,4 +23,4 @@ where
     ma.getEnclosingStmt().getEnclosingStmt*() instanceof SynchronizedStmt or
     ma.getEnclosingCallable().isSynchronized()
   )
-select ma, "sleep() with lock held."
+select ma, "This calls 'Thread.sleep()' with a lock held."

java/ql/src/Likely Bugs/Concurrency/WaitWithTwoLocks.ql

@@ -27,4 +27,4 @@ where
   ma.getMethod().getDeclaringType().hasQualifiedName("java.lang", "Object") and
   ma.getEnclosingStmt().getEnclosingStmt*() = synch and
   synch.getEnclosingStmt+() instanceof Synched
-select ma, "wait() with two locks held."
+select ma, "This calls 'Object.wait()' with two locks held."

java/ql/src/Likely Bugs/Likely Typos/ContradictoryTypeChecks.ql

@@ -46,5 +46,5 @@ predicate contradictoryTypeCheck(Expr e, Variable v, RefType t, RefType sup, Exp
 
 from Expr e, Variable v, RefType t, RefType sup, Expr cond
 where contradictoryTypeCheck(e, v, t, sup, cond)
-select e, "Variable $@ cannot be of type $@ here, since $@ ensures that it is not of type $@.", v,
+select e, "This access of $@ cannot be of type $@, since $@ ensures that it is not of type $@.", v,
   v.getName(), t, t.getName(), cond, "this expression", sup, sup.getName()

java/ql/src/Likely Bugs/Nullness/NullAlways.ql

@@ -17,4 +17,4 @@ private import semmle.code.java.dataflow.Nullness
 
 from VarAccess access, SsaSourceVariable var
 where alwaysNullDeref(var, access)
-select access, "Variable $@ is always null here.", var.getVariable(), var.getVariable().getName()
+select access, "Variable $@ is always null at this access.", var.getVariable(), var.getVariable().getName()

java/ql/src/Likely Bugs/Nullness/NullMaybe.ql

@@ -24,5 +24,5 @@ where
   not alwaysNullDeref(var, access) and
   // Kotlin enforces this already:
   not access.getLocation().getFile().isKotlinSourceFile()
-select access, "Variable $@ may be null here " + msg + ".", var.getVariable(),
+select access, "Variable $@ may be null at this access " + msg + ".", var.getVariable(),
   var.getVariable().getName(), reason, "this"

java/ql/src/Likely Bugs/Serialization/IncorrectSerialVersionUID.ql

@@ -22,4 +22,4 @@ where
     not f.getType().hasName("long")
   ) and
   f.getDeclaringType().getAStrictAncestor() instanceof TypeSerializable
-select f, "serialVersionUID should be final, static, and of type long."
+select f, "'serialVersionUID' should be final, static, and of type long."

java/ql/src/Performance/InefficientOutputStream.ql

@@ -36,5 +36,5 @@ where
   // This is the case is some dummy implementations.
   exists(MethodAccess ma | ma.getEnclosingCallable() = m | ma.getMethod().getName() = "write")
 select c,
-  "This class extends java.io.OutputStream and implements $@, but does not override write(byte[],int,int)",
+  "This class extends 'java.io.OutputStream' and implements $@, but does not override 'write(byte[],int,int)'.",
   m, m.getName()

java/ql/src/Security/CWE/CWE-022/TaintedPathLocal.ql

@@ -41,5 +41,4 @@ where
   e = p.getAnInput() and
   conf.hasFlowPath(source, sink) and
   not guarded(e)
-select p, source, sink, "$@ flows to here and is used in a path.", source.getNode(),
-  "User-provided value"
+select p, source, sink, "This path depends on a $@.", source.getNode(), "user-provided value"

java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.ql

@@ -13,4 +13,4 @@
 import semmle.code.java.security.PartialPathTraversal
 
 from PartialPathTraversalMethodAccess ma
-select ma, "Partial Path Traversal Vulnerability due to insufficient guard against path traversal"
+select ma, "Partial Path Traversal Vulnerability due to insufficient guard against path traversal."

java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.ql

@@ -16,4 +16,4 @@ import DataFlow::PathGraph
 from DataFlow::PathNode source, DataFlow::PathNode sink
 where any(PartialPathTraversalFromRemoteConfig config).hasFlowPath(source, sink)
 select sink.getNode(), source, sink,
-  "Partial Path Traversal Vulnerability due to insufficient guard against path traversal from user-supplied data"
+  "Partial Path Traversal Vulnerability due to insufficient guard against path traversal from user-supplied data."

java/ql/src/Security/CWE/CWE-078/ExecTainted.ql

@@ -20,5 +20,5 @@ import DataFlow::PathGraph
 
 from DataFlow::PathNode source, DataFlow::PathNode sink, ArgumentToExec execArg
 where execTainted(source, sink, execArg)
-select execArg, source, sink, "Command line depends on $@.", source.getNode(),
-  "a user-provided value"
+select execArg, source, sink, "Command line depends on a $@.", source.getNode(),
+  "user-provided value"

java/ql/src/Security/CWE/CWE-078/ExecTaintedLocal.ql

@@ -38,5 +38,5 @@ from
   DataFlow::PathNode source, DataFlow::PathNode sink, ArgumentToExec execArg,
   LocalUserInputToArgumentToExecFlowConfig conf
 where conf.hasFlowPath(source, sink) and sink.getNode().asExpr() = execArg
-select execArg, source, sink, "$@ flows to here and is used in a command.", source.getNode(),
-  "User-provided value"
+select execArg, source, sink, "Command line depends on a $@.", source.getNode(),
+  "user-provided value"

java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.ql

@@ -81,4 +81,4 @@ where
   ) and
   cfg.hasFlowPath(source, sink)
 select sink.getNode(), source, sink,
-  "Custom constraint error message contains unsanitized user data"
+  "Custom constraint error message contains unsanitized user data."

java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql

@@ -33,5 +33,5 @@ where
   sizeExpr = sink.getNode().asExpr() and
   any(Conf conf).hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
-  "The $@ is accessed here, but the array is initialized using $@ which may be zero.",
-  arrayCreation, "array", source.getNode(), "User-provided value"
+  "This accesses the $@, but the array is initialized using a $@ which may be zero.", arrayCreation,
+  "array", source.getNode(), "user-provided value"

java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql

@@ -38,5 +38,5 @@ where
   boundedsource = source.getNode() and
   any(BoundedFlowSourceConf conf).hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
-  "The $@ is accessed here, but the array is initialized using $@ which may be zero.",
-  arrayCreation, "array", boundedsource, boundedsource.getDescription().toLowerCase()
+  "This accesses the $@, but the array is initialized using $@ which may be zero.", arrayCreation,
+  "array", boundedsource, boundedsource.getDescription().toLowerCase()

java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql

@@ -34,5 +34,5 @@ where
   sizeExpr = sink.getNode().asExpr() and
   any(Conf conf).hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
-  "The $@ is accessed here, but the array is initialized using $@ which may be zero.",
-  arrayCreation, "array", source.getNode(), "User-provided value"
+  "This accesses the $@, but the array is initialized using a $@ which may be zero.", arrayCreation,
+  "array", source.getNode(), "user-provided value"

java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql

@@ -32,5 +32,5 @@ where
   arrayAccess.canThrowOutOfBounds(sink.getNode().asExpr()) and
   any(Conf conf).hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
-  "$@ flows to here and is used as an index causing an ArrayIndexOutOfBoundsException.",
-  source.getNode(), "User-provided value"
+  "This index depends on a $@ which can cause an ArrayIndexOutOfBoundsException.", source.getNode(),
+  "user-provided value"

java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql

@@ -31,5 +31,5 @@ where
   arrayAccess.canThrowOutOfBounds(sink.getNode().asExpr()) and
   any(Conf conf).hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
-  "$@ flows to here and is used as an index causing an ArrayIndexOutOfBoundsException.",
-  source.getNode(), "User-provided value"
+  "This index depends on a $@ which can cause an ArrayIndexOutOfBoundsException.", source.getNode(),
+  "user-provided value"

java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatStringLocal.ql

@@ -31,5 +31,5 @@ from
   DataFlow::PathNode source, DataFlow::PathNode sink, StringFormat formatCall,
   ExternallyControlledFormatStringLocalConfig conf
 where conf.hasFlowPath(source, sink) and sink.getNode().asExpr() = formatCall.getFormatArgument()
-select formatCall.getFormatArgument(), source, sink,
-  "$@ flows to here and is used in a format string.", source.getNode(), "User-provided value"
+select formatCall.getFormatArgument(), source, sink, "Format string depends on $@.",
+  source.getNode(), "user-provided value"

java/ql/src/Security/CWE/CWE-190/ArithmeticTainted.ql

@@ -47,5 +47,5 @@ where
   underflowSink(exp, sink.getNode().asExpr()) and
   effect = "underflow"
 select exp, source, sink,
-  "$@ flows to here and is used in arithmetic, potentially causing an " + effect + ".",
-  source.getNode(), "User-provided value"
+  "This arithmetic expression depends on a $@, potentially causing an " + effect + ".",
+  source.getNode(), "user-provided value"

java/ql/src/Security/CWE/CWE-190/ArithmeticTaintedLocal.ql

@@ -47,5 +47,5 @@ where
   underflowSink(exp, sink.getNode().asExpr()) and
   effect = "underflow"
 select exp, source, sink,
-  "$@ flows to here and is used in arithmetic, potentially causing an " + effect + ".",
-  source.getNode(), "User-provided value"
+  "This arithmetic expression depends on a $@, potentially causing an " + effect + ".",
+  source.getNode(), "user-provided value"

java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql

@@ -55,5 +55,5 @@ where
   underflowSink(exp, sink.getNode().asExpr()) and
   effect = "underflow"
 select exp, source, sink,
-  "$@ flows to here and is used in arithmetic, potentially causing an " + effect + ".",
-  source.getNode(), "Uncontrolled value"
+  "This arithmetic expression depends on a $@, potentially causing an " + effect + ".",
+  source.getNode(), "uncontrolled value"

java/ql/src/Security/CWE/CWE-295/InsecureTrustManager.ql

@@ -17,5 +17,6 @@ import DataFlow::PathGraph
 
 from DataFlow::PathNode source, DataFlow::PathNode sink
 where any(InsecureTrustManagerConfiguration cfg).hasFlowPath(source, sink)
-select sink, source, sink, "This $@, which is defined $@ and trusts any certificate, is used here.",
-  source, "TrustManager", source.getNode().asExpr().(ClassInstanceExpr).getConstructedType(), "here"
+select sink, source, sink, "This uses $@, which is defined in $@ and trusts any certificate.",
+  source, "TrustManager",
+  source.getNode().asExpr().(ClassInstanceExpr).getConstructedType() as type, type.nestedName()

java/ql/src/Security/CWE/CWE-297/InsecureJavaMail.ql

@@ -21,4 +21,4 @@ where
   isInsecureMailPropertyConfig(ma.getArgument(0).(VarAccess).getVariable())
   or
   enablesEmailSsl(ma) and not hasSslCertificateCheck(ma.getQualifier().(VarAccess).getVariable())
-select ma, "Java mailing has insecure SSL configuration"
+select ma, "Java mailing has insecure SSL configuration."

java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql

@@ -121,5 +121,5 @@ where
   not isNodeGuardedByFlag(sink.getNode()) and
   verifier = source.getNode().asExpr().(ClassInstanceExpr).getConstructedType()
 select sink, source, sink,
-  "$@ that is defined $@ and accepts any certificate as valid, is used here.", source,
-  "This hostname verifier", verifier, "here"
+  "This uses a $@ that is defined $@ and accepts any certificate as valid.", source,
+  "hostname verifier", verifier, "here"

java/ql/src/Security/CWE/CWE-312/CleartextStorageAndroidDatabase.ql

@@ -20,5 +20,5 @@ where
   input = s.getAnInput() and
   store = s.getAStore() and
   data.flowsTo(input)
-select store, "SQLite database $@ containing $@ is stored $@. Data was added $@.", s, s.toString(),
-  data, "sensitive data", store, "here", input, "here"
+select store, "This stores data in a SQLite database $@ containing $@ which was $@.", s,
+  s.toString(), data, "sensitive data", input, "previously added"

java/ql/src/Security/CWE/CWE-312/CleartextStorageAndroidFilesystem.ql

@@ -20,5 +20,5 @@ where
   input = s.getAnInput() and
   store = s.getAStore() and
   data.flowsTo(input)
-select store, "Local file $@ containing $@ is stored $@. Data was added $@.", s, s.toString(), data,
-  "sensitive data", store, "here", input, "here"
+select store, "This stores the local file $@ containing $@ which was $@.", s, s.toString(), data,
+  "sensitive data", input, "previously added"

java/ql/src/Security/CWE/CWE-312/CleartextStorageClass.ql

@@ -19,5 +19,5 @@ where
   input = s.getAnInput() and
   store = s.getAStore() and
   data.flowsTo(input)
-select store, "Storable class $@ containing $@ is stored here. Data was added $@.", s, s.toString(),
-  data, "sensitive data", input, "here"
+select store, "This stores the storable class $@ containing $@ which was.", s, s.toString(), data,
+  "sensitive data", input, "previously added"

java/ql/src/Security/CWE/CWE-312/CleartextStorageCookie.ql

@@ -18,5 +18,5 @@ where
   input = s.getAnInput() and
   store = s.getAStore() and
   data.flowsTo(input)
-select store, "Cookie $@ containing $@ is stored here. Data was added $@.", s, s.toString(), data,
-  "sensitive data", input, "here"
+select store, "This stores cookie $@ containing $@ which was $@.", s, s.toString(), data,
+  "sensitive data", input, "added to the cookie"

java/ql/src/Security/CWE/CWE-312/CleartextStorageProperties.ql

@@ -18,5 +18,5 @@ where
   input = s.getAnInput() and
   store = s.getAStore() and
   data.flowsTo(input)
-select store, "'Properties' class $@ containing $@ is stored here. Data was added $@.", s,
-  s.toString(), data, "sensitive data", input, "here"
+select store, "This stores 'Properties' class $@ containing $@ which was $@.", s, s.toString(),
+  data, "sensitive data", input, "previously added"

java/ql/src/Security/CWE/CWE-312/CleartextStorageSharedPrefs.ql

@@ -20,5 +20,5 @@ where
   input = s.getAnInput() and
   store = s.getAStore() and
   data.flowsTo(input)
-select store, "'SharedPreferences' class $@ containing $@ is stored $@. Data was added $@.", s,
-  s.toString(), data, "sensitive data", store, "here", input, "here"
+select store, "This stores the 'SharedPreferences' class $@ containing $@ which $@.", s,
+  s.toString(), data, "sensitive data", input, "was set as a shared preference"

java/ql/src/Security/CWE/CWE-347/MissingJWTSignatureCheck.ql

@@ -16,5 +16,5 @@ import DataFlow::PathGraph
 
 from DataFlow::PathNode source, DataFlow::PathNode sink, MissingJwtSignatureCheckConf conf
 where conf.hasFlowPath(source, sink)
-select sink.getNode(), source, sink, "A signing key is set $@, but the signature is not verified.",
-  source.getNode(), "here"
+select sink.getNode(), source, sink, "This parses a $@, but the signature is not verified.",
+  source.getNode(), "JWT signing key"

java/ql/src/Security/CWE/CWE-367/TOCTOURace.ql

@@ -121,5 +121,5 @@ where
   // The synchronized methods on `Throwable` are not interesting.
   not call1.getCallee().getDeclaringType() instanceof TypeThrowable
 select call2,
-  "The state of $@ is checked $@, and then it is used here. But these are not jointly synchronized.",
-  r, r.getName(), call1, "here"
+  "This uses the state of $@ which is checked $@. But these are not jointly synchronized.", r,
+  r.getName(), call1, "here"

java/ql/src/Security/CWE/CWE-643/XPathInjection.ql

@@ -27,5 +27,5 @@ class XPathInjectionConfiguration extends TaintTracking::Configuration {
 
 from DataFlow::PathNode source, DataFlow::PathNode sink, XPathInjectionConfiguration c
 where c.hasFlowPath(source, sink)
-select sink.getNode(), source, sink, "$@ flows to here and is used in an XPath expression.",
-  source.getNode(), "User-provided value"
+select sink.getNode(), source, sink, "XPath expression depends on a $@.", source.getNode(),
+  "user-provided value"

java/ql/src/Security/CWE/CWE-681/NumericCastTainted.ql

@@ -44,5 +44,5 @@ where
   sink.getNode().asExpr() = exp.getExpr() and
   conf.hasFlowPath(source, sink)
 select exp, source, sink,
-  "$@ flows to here and is cast to a narrower type, potentially causing truncation.",
-  source.getNode(), "User-provided value"
+  "This cast to a narrower type depends on a $@, potentially causing truncation.", source.getNode(),
+  "User-provided value"

java/ql/src/Security/CWE/CWE-681/NumericCastTaintedLocal.ql

@@ -46,5 +46,5 @@ where
   conf.hasFlowPath(source, sink) and
   not exists(RightShiftOp e | e.getShiftedVariable() = tainted.getVariable())
 select exp, source, sink,
-  "$@ flows to here and is cast to a narrower type, potentially causing truncation.",
-  source.getNode(), "User-provided value"
+  "This cast to a narrower type depends on a $@, potentially causing truncation.", source.getNode(),
+  "User-provided value"

java/ql/src/Security/CWE/CWE-732/ReadingFromWorldWritableFile.ql

@@ -22,5 +22,5 @@ where
   fileVariable.getAnAccess() = setWorldWritable.getFileVarAccess() and
   // If the file variable is a parameter, the result should be reported in the caller.
   not fileVariable instanceof Parameter
-select setWorldWritable, "A file is set to be world writable here, but is read from $@.", readFrom,
+select setWorldWritable, "This sets a file is as world writable, but is read from $@.", readFrom,
   "statement"

java/ql/src/Security/CWE/CWE-780/RsaWithoutOaep.ql

@@ -16,5 +16,5 @@ import DataFlow::PathGraph
 
 from RsaWithoutOaepConfig conf, DataFlow::PathNode source, DataFlow::PathNode sink
 where conf.hasFlowPath(source, sink)
-select source, source, sink,
-  "This specification is used to initialize an RSA cipher without OAEP padding $@.", sink, "here"
+select source, source, sink, "This specification is used to $@ without OAEP padding.", sink,
+  "initialize an RSA cipher"

java/ql/src/Security/CWE/CWE-925/ImproperIntentVerification.ql

@@ -15,5 +15,5 @@ import semmle.code.java.security.ImproperIntentVerificationQuery
 
 from AndroidReceiverXmlElement reg, Method orm, SystemActionName sa
 where unverifiedSystemReceiver(reg, orm, sa)
-select orm, "This reciever doesn't verify intents it receives, and is registered $@ to receive $@.",
-  reg, "here", sa, "the system action " + sa.getName()
+select orm, "This reciever doesn't verify intents it receives, and $@ to receive $@.", reg,
+  "it is registered", sa, "the system action " + sa.getName()

java/ql/src/Security/CWE/CWE-927/ImplicitPendingIntents.ql

@@ -20,5 +20,5 @@ import DataFlow::PathGraph
 from DataFlow::PathNode source, DataFlow::PathNode sink
 where any(ImplicitPendingIntentStartConf conf).hasFlowPath(source, sink)
 select sink.getNode(), source, sink,
-  "An implicit Intent is created $@ and sent to an unspecified third party through a PendingIntent.",
-  source.getNode(), "here"
+  "$@ and sent to an unspecified third party through a PendingIntent.", source.getNode(),
+  "An implicit Intent is created"

java/ql/src/Security/CWE/CWE-927/SensitiveCommunication.ql

@@ -17,5 +17,5 @@ import DataFlow::PathGraph
 
 from SensitiveCommunicationConfig cfg, DataFlow::PathNode source, DataFlow::PathNode sink
 where cfg.hasFlowPath(source, sink)
-select sink.getNode(), source, sink, "This call may leak sensitive information from $@.",
-  source.getNode(), "here"
+select sink.getNode(), source, sink, "This call may leak $@.", source.getNode(),
+  "sensitive information"

java/ql/src/Violations of Best Practice/Dead Code/NonAssignedFields.ql

@@ -87,5 +87,5 @@ where
   // Exclude special VM classes.
   not isVMObserver(f.getDeclaringType())
 select f,
-  "The field '" + f.getName() + "' is never explicitly assigned a value, yet it is read $@.", fr,
-  "here"
+  "The field '" + f.getName() + "' is never explicitly assigned a value, yet $@.", fr,
+  "the field is read"

java/ql/src/Violations of Best Practice/Undesirable Calls/NextFromIterator.ql

@@ -23,4 +23,4 @@ where
     hasNext.getDeclaringType().getSourceDeclaration().getAnAncestor() = i and
     hasNext.hasName("hasNext")
   )
-select m, "next() called from within an Iterator method."
+select m, "This calls 'next()' from within an Iterator method."

java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql

@@ -203,5 +203,5 @@ class Log4jInjectionConfiguration extends TaintTracking::Configuration {
 
 from Log4jInjectionConfiguration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
 where cfg.hasFlowPath(source, sink)
-select sink.getNode(), source, sink, "This $@ flows to a Log4j log entry.", source.getNode(),
+select sink.getNode(), source, sink, "Log4j log entry depends on a $@.", source.getNode(),
   "user-provided value"