From 1a072f3bb96281bd10f467697775836236fd3a5f Mon Sep 17 00:00:00 2001
From: luchua-bc <shengxin.canada@gmail.com>
Date: Fri, 14 May 2021 20:38:23 +0000
Subject: [PATCH] Move APIs from predicates flagged auto-generated to the other
 section

---
 java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll b/java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll
index 928a3562ec6..afbefb7b878 100644
--- a/java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll
+++ b/java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll
@@ -129,9 +129,7 @@ private predicate javaApiCallablePasswordParam(string s) {
   s = "sun.tools.jconsole.ProxyClient;ProxyClient(String, int, String, String);3" or
   s = "sun.tools.jconsole.ProxyClient;getProxyClient(String, int, String, String);3" or
   s = "sun.tools.jconsole.ProxyClient;getProxyClient(String, String, String);2" or
-  s = "sun.tools.jconsole.ProxyClient;getCacheKey(String, int, String, String);3" or
-  s = "com.amazonaws.auth.BasicAWSCredentials;BasicAWSCredentials(String, String);1" or
-  s = "com.azure.identity.UsernamePasswordCredentialBuilder;password(String);0"
+  s = "sun.tools.jconsole.ProxyClient;getCacheKey(String, int, String, String);3"
 }
 
 /**
@@ -202,9 +200,7 @@ private predicate javaApiCallableUsernameParam(string s) {
   s = "sun.tools.jconsole.ProxyClient;getProxyClient(String, String, String);1" or
   s = "sun.tools.jconsole.ProxyClient;getConnectionName(String, String);1" or
   s = "sun.tools.jconsole.ProxyClient;getProxyClient(String, int, String, String);2" or
-  s = "sun.tools.jconsole.ProxyClient;getConnectionName(String, int, String);2" or
-  s = "com.amazonaws.auth.BasicAWSCredentials;BasicAWSCredentials(String, String);0" or
-  s = "com.azure.identity.UsernamePasswordCredentialBuilder;username(String);0"
+  s = "sun.tools.jconsole.ProxyClient;getConnectionName(String, int, String);2"
 }
 
 /**
@@ -513,6 +509,9 @@ private predicate otherApiCallableCredentialParam(string s) {
     "org.springframework.security.core.userdetails.User;User(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>);0" or
   s =
     "org.springframework.security.core.userdetails.User;User(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>);1" or
+  s = "com.amazonaws.auth.BasicAWSCredentials;BasicAWSCredentials(String, String);0" or
+  s = "com.amazonaws.auth.BasicAWSCredentials;BasicAWSCredentials(String, String);1" or
+  s = "com.azure.identity.UsernamePasswordCredentialBuilder;username(String);0" or
+  s = "com.azure.identity.UsernamePasswordCredentialBuilder;password(String);0" or
   s = "com.azure.identity.ClientSecretCredentialBuilder;clientSecret(String);0"
-
 }