Merge pull request #12751 from egregius313/egregius313/dataflow-refactor-cleanup

Java: Finish dataflow refactor
2026-04-28 02:05:14 +02:00 · 2023-04-14 10:35:11 -04:00
parent ba982e2f85 f106783c39
commit 38826c98f1
9 changed files with 117 additions and 43 deletions
--- a/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsSourceCall.ql
+++ b/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsSourceCall.ql
@@ -12,11 +12,11 @@

 import java
 import semmle.code.java.security.HardcodedCredentialsSourceCallQuery
-import DataFlow::PathGraph
+import HardcodedCredentialSourceCallFlow::PathGraph

 from
-  DataFlow::PathNode source, DataFlow::PathNode sink,
-  HardcodedCredentialSourceCallConfiguration conf
-where conf.hasFlowPath(source, sink)
+  HardcodedCredentialSourceCallFlow::PathNode source,
+  HardcodedCredentialSourceCallFlow::PathNode sink
+where HardcodedCredentialSourceCallFlow::flowPath(source, sink)
 select source.getNode(), source, sink, "Hard-coded value flows to $@.", sink.getNode(),
  "sensitive call"
--- a/java/ql/src/Security/CWE/CWE-927/SensitiveResultReceiver.ql
+++ b/java/ql/src/Security/CWE/CWE-927/SensitiveResultReceiver.ql
@@ -13,9 +13,11 @@

 import java
 import semmle.code.java.security.SensitiveResultReceiverQuery
-import DataFlow::PathGraph
+import SensitiveResultReceiverFlow::PathGraph

-from DataFlow::PathNode src, DataFlow::PathNode sink, DataFlow::Node recSrc
-where sensitiveResultReceiver(src, sink, recSrc)
+from
+  SensitiveResultReceiverFlow::PathNode src, SensitiveResultReceiverFlow::PathNode sink,
+  DataFlow::Node recSrc
+where isSensitiveResultReceiver(src, sink, recSrc)
 select sink, src, sink, "This $@ is sent to a ResultReceiver obtained from $@.", src,
  "sensitive information", recSrc, "this untrusted source"