Java: Re-factor most queries and tests to use threat models.

2025-12-24 04:36:35 +01:00 · 2023-10-04 14:01:58 +02:00
parent f0fb065446
commit 40e63a63e2
74 changed files with 105 additions and 91 deletions
--- a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll
+++ b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll
@@ -62,7 +62,7 @@ abstract class TemplateInjectionSanitizerWithState extends DataFlow::Node {
  abstract predicate hasState(DataFlow::FlowState state);
 }

-private class DefaultTemplateInjectionSource extends TemplateInjectionSource instanceof RemoteFlowSource
+private class DefaultTemplateInjectionSource extends TemplateInjectionSource instanceof ThreatModelFlowSource
 { }

 private class DefaultTemplateInjectionSink extends TemplateInjectionSink {