diff --git a/config/identical-files.json b/config/identical-files.json index 5845b3781bb..5a8efc3405a 100644 --- a/config/identical-files.json +++ b/config/identical-files.json @@ -359,12 +359,12 @@ "python/ql/test/TestUtilities/InlineExpectationsTest.qll" ], "C++ ExternalAPIs": [ - "cpp/ql/src/semmle/code/cpp/security/ExternalAPIs.qll", - "cpp/ql/src/semmle/code/cpp/security/ir/ExternalAPIs.qll" + "cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll", + "cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll" ], "C++ SafeExternalAPIFunction": [ - "cpp/ql/src/semmle/code/cpp/security/implementation/SafeExternalAPIFunction.qll", - "cpp/ql/src/semmle/code/cpp/security/ir/implementation/SafeExternalAPIFunction.qll" + "cpp/ql/src/Security/CWE/CWE-020/SafeExternalAPIFunction.qll", + "cpp/ql/src/Security/CWE/CWE-020/ir/SafeExternalAPIFunction.qll" ], "XML": [ "cpp/ql/src/semmle/code/cpp/XML.qll", diff --git a/cpp/ql/src/Security/CWE/CWE-020/CountUntrustedDataToExternalAPI.ql b/cpp/ql/src/Security/CWE/CWE-020/CountUntrustedDataToExternalAPI.ql index 5faf2957cb1..8c75e8da6e2 100644 --- a/cpp/ql/src/Security/CWE/CWE-020/CountUntrustedDataToExternalAPI.ql +++ b/cpp/ql/src/Security/CWE/CWE-020/CountUntrustedDataToExternalAPI.ql @@ -9,7 +9,7 @@ */ import cpp -import semmle.code.cpp.security.ExternalAPIs +import ExternalAPIs from ExternalAPIUsedWithUntrustedData externalAPI select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses, diff --git a/cpp/ql/src/semmle/code/cpp/security/ExternalAPIs.qll b/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll similarity index 97% rename from cpp/ql/src/semmle/code/cpp/security/ExternalAPIs.qll rename to cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll index f7fc4ee8c50..29d5b20cfc4 100644 --- a/cpp/ql/src/semmle/code/cpp/security/ExternalAPIs.qll +++ b/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll @@ -6,7 +6,7 @@ private import cpp private import semmle.code.cpp.models.interfaces.DataFlow private import semmle.code.cpp.models.interfaces.Taint -import implementation.ExternalAPIsSpecific +import ExternalAPIsSpecific /** A node representing untrusted data being passed to an external API. */ class UntrustedExternalAPIDataNode extends ExternalAPIDataNode { diff --git a/cpp/ql/src/semmle/code/cpp/security/implementation/ExternalAPIsSpecific.qll b/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll similarity index 100% rename from cpp/ql/src/semmle/code/cpp/security/implementation/ExternalAPIsSpecific.qll rename to cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll diff --git a/cpp/ql/src/Security/CWE/CWE-020/IRCountUntrustedDataToExternalAPI.ql b/cpp/ql/src/Security/CWE/CWE-020/IRCountUntrustedDataToExternalAPI.ql index 3e7f453d8ad..4d0c2174809 100644 --- a/cpp/ql/src/Security/CWE/CWE-020/IRCountUntrustedDataToExternalAPI.ql +++ b/cpp/ql/src/Security/CWE/CWE-020/IRCountUntrustedDataToExternalAPI.ql @@ -9,7 +9,7 @@ */ import cpp -import semmle.code.cpp.security.ir.ExternalAPIs +import ir.ExternalAPIs from ExternalAPIUsedWithUntrustedData externalAPI select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses, diff --git a/cpp/ql/src/Security/CWE/CWE-020/IRUntrustedDataToExternalAPI.ql b/cpp/ql/src/Security/CWE/CWE-020/IRUntrustedDataToExternalAPI.ql index b51a099193b..e4f0cc7883d 100644 --- a/cpp/ql/src/Security/CWE/CWE-020/IRUntrustedDataToExternalAPI.ql +++ b/cpp/ql/src/Security/CWE/CWE-020/IRUntrustedDataToExternalAPI.ql @@ -10,7 +10,7 @@ import cpp import semmle.code.cpp.ir.dataflow.TaintTracking -import semmle.code.cpp.security.ir.ExternalAPIs +import ir.ExternalAPIs import semmle.code.cpp.security.FlowSources import DataFlow::PathGraph diff --git a/cpp/ql/src/semmle/code/cpp/security/implementation/SafeExternalAPIFunction.qll b/cpp/ql/src/Security/CWE/CWE-020/SafeExternalAPIFunction.qll similarity index 89% rename from cpp/ql/src/semmle/code/cpp/security/implementation/SafeExternalAPIFunction.qll rename to cpp/ql/src/Security/CWE/CWE-020/SafeExternalAPIFunction.qll index 01312ada7ba..dc5ca91cebd 100644 --- a/cpp/ql/src/semmle/code/cpp/security/implementation/SafeExternalAPIFunction.qll +++ b/cpp/ql/src/Security/CWE/CWE-020/SafeExternalAPIFunction.qll @@ -3,6 +3,7 @@ */ private import cpp +private import semmle.code.cpp.models.implementations.Pure /** * A `Function` that is considered a "safe" external API from a security perspective. diff --git a/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql b/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql index c59c3487fc4..ca6d2d00e8c 100644 --- a/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql +++ b/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql @@ -10,7 +10,7 @@ import cpp import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.security.ExternalAPIs +import ExternalAPIs import DataFlow::PathGraph from UntrustedDataToExternalAPIConfig config, DataFlow::PathNode source, DataFlow::PathNode sink diff --git a/cpp/ql/src/semmle/code/cpp/security/ir/ExternalAPIs.qll b/cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll similarity index 97% rename from cpp/ql/src/semmle/code/cpp/security/ir/ExternalAPIs.qll rename to cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll index f7fc4ee8c50..29d5b20cfc4 100644 --- a/cpp/ql/src/semmle/code/cpp/security/ir/ExternalAPIs.qll +++ b/cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll @@ -6,7 +6,7 @@ private import cpp private import semmle.code.cpp.models.interfaces.DataFlow private import semmle.code.cpp.models.interfaces.Taint -import implementation.ExternalAPIsSpecific +import ExternalAPIsSpecific /** A node representing untrusted data being passed to an external API. */ class UntrustedExternalAPIDataNode extends ExternalAPIDataNode { diff --git a/cpp/ql/src/semmle/code/cpp/security/ir/implementation/ExternalAPIsSpecific.qll b/cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIsSpecific.qll similarity index 100% rename from cpp/ql/src/semmle/code/cpp/security/ir/implementation/ExternalAPIsSpecific.qll rename to cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIsSpecific.qll diff --git a/cpp/ql/src/semmle/code/cpp/security/ir/implementation/SafeExternalAPIFunction.qll b/cpp/ql/src/Security/CWE/CWE-020/ir/SafeExternalAPIFunction.qll similarity index 89% rename from cpp/ql/src/semmle/code/cpp/security/ir/implementation/SafeExternalAPIFunction.qll rename to cpp/ql/src/Security/CWE/CWE-020/ir/SafeExternalAPIFunction.qll index 01312ada7ba..dc5ca91cebd 100644 --- a/cpp/ql/src/semmle/code/cpp/security/ir/implementation/SafeExternalAPIFunction.qll +++ b/cpp/ql/src/Security/CWE/CWE-020/ir/SafeExternalAPIFunction.qll @@ -3,6 +3,7 @@ */ private import cpp +private import semmle.code.cpp.models.implementations.Pure /** * A `Function` that is considered a "safe" external API from a security perspective.