diff --git a/java/ql/src/Security/CWE/CWE-129/ArraySizing.qll b/java/ql/src/Security/CWE/CWE-129/ArraySizing.qll
index 03d4c3fce4a..f6c519c32d4 100644
--- a/java/ql/src/Security/CWE/CWE-129/ArraySizing.qll
+++ b/java/ql/src/Security/CWE/CWE-129/ArraySizing.qll
@@ -66,16 +66,10 @@ class PointlessLoop extends WhileStmt {
 */
 class CheckableArrayAccess extends ArrayAccess {
 CheckableArrayAccess() {
- /*
- * We are not interested in array accesses that don't access the first dimension.
- */
-
+ // We are not interested in array accesses that don't access the first dimension.
 not this.getArray() instanceof ArrayAccess and
- /*
- * Array accesses within loops can make it difficult to verify whether the index is checked
- * prior to access. Ignore "pointless" loops of the sort found in Juliet test cases.
- */
-
+ // Array accesses within loops can make it difficult to verify whether the index is checked
+ // prior to access. Ignore "pointless" loops of the sort found in Juliet test cases.
 not exists(LoopStmt loop |
 loop.getBody().getAChild*() = getEnclosingStmt() and
 not loop instanceof PointlessLoop
@@ -102,24 +96,15 @@ class CheckableArrayAccess extends ArrayAccess { * to the array being initialized with `sizeExpr`, which may be zero. */ predicate canThrowOutOfBoundsDueToEmptyArray(Expr sizeExpr, ArrayCreationExpr arrayCreation) { - /* - * Find an `ArrayCreationExpr` for the array used in this indexing operation. - */ - + // Find an `ArrayCreationExpr` for the array used in this indexing operation. exists(VariableAssign assign | assign.getSource() = arrayCreation and defUsePair(assign, this.getArray()) ) and - /* - * If the array access is protected by a conditional that verifies the index is less than the array - * length, then the array will never be accessed if the size is zero. - */ - + // If the array access is protected by a conditional that verifies the index is less than the array + // length, then the array will never be accessed if the size is zero. not lessthanLength(this) and - /* - * Verify that the size expression is never checked to be greater than 0. - */ - + // Verify that the size expression is never checked to be greater than 0. sizeExpr = arrayCreation.getDimension(0) and not lowerBound(sizeExpr) > 0 } @@ -167,11 +152,8 @@ class RandomValueFlowSource extends BoundedFlowSource { } int upperBound() { - /* - * If this call specified an argument to `nextInt()`, and that argument is a compile time constant, - * it forms the upper bound. - */ - + // If this call specified an argument to `nextInt()`, and that argument is a compile time constant, + // it forms the upper bound. this.asExpr().(MethodAccess).getCallee().hasName("nextInt") and this.asExpr().(MethodAccess).getNumArgument() = 1 and result = this.asExpr().(MethodAccess).getArgument(0).(CompileTimeConstantExpr).getIntValue() diff --git a/java/ql/src/Security/CWE/CWE-190/ArithmeticCommon.qll b/java/ql/src/Security/CWE/CWE-190/ArithmeticCommon.qll index aa9da9c7c3d..1b75f3b5440 100644 --- a/java/ql/src/Security/CWE/CWE-190/ArithmeticCommon.qll 
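Review bot: The comment kept in `upperBound()` (third hunk of ArraySizing.qll) says the constant argument to `nextInt()` "forms the upper bound" but does not say whether that bound is inclusive. `java.util.Random.nextInt(bound)` returns values in `[0, bound)`, so the largest value it can produce is `bound - 1`. Whether `upperBound()` is meant to be inclusive is not visible in this hunk, and for an array-index query under CWE-129 the difference is an off-by-one in which accesses get reported. I would add a line such as `// nextInt(bound) excludes bound itself, so this is an exclusive upper bound.`, or adjust the result if the contract is inclusive. The body of `upperBound()` closes outside the hunk.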
+++ b/java/ql/src/Security/CWE/CWE-190/ArithmeticCommon.qll @@ -3,11 +3,10 @@ import semmle.code.java.controlflow.Dominance import semmle.code.java.dataflow.DefUse import semmle.code.java.controlflow.Guards -/* - * The type of `exp` is narrower than or equal to `numType`, +/** + * Holds if the type of `exp` is narrower than or equal to `numType`, * or there is an enclosing cast to a type at least as narrow as 'numType'. */ - predicate narrowerThanOrEqualTo(ArithExpr exp, NumType numType) { exp.getType().(NumType).widerThan(numType) implies diff --git a/java/ql/src/semmle/code/xml/MavenPom.qll b/java/ql/src/semmle/code/xml/MavenPom.qll index 4bb2680fec3..eb70e823e61 100644 --- a/java/ql/src/semmle/code/xml/MavenPom.qll +++ b/java/ql/src/semmle/code/xml/MavenPom.qll @@ -52,11 +52,8 @@ class ProtoPom extends XMLElement { class Pom extends ProtoPom { Pom() { this.getName() = "project" and - /* - * Ignore "dependency-reduced-pom" files - these are generated by the - * shading plugin, and duplicate existing pom files. - */ - + // Ignore "dependency-reduced-pom" files - these are generated by the + // shading plugin, and duplicate existing pom files. this.getFile().getStem() != "dependency-reduced-pom" } 
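Review bot: In the ArithmeticCommon.qll hunk the comment on `narrowerThanOrEqualTo` becomes a `/** ... */` documentation block, but its unchanged second line still writes 'numType' in single quotes while the rewritten first line uses backticks. Since the text is now documentation rather than a plain comment, the second line should use backticks around numType as the first line does. The predicate body continues outside the hunk.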
@@ -260,24 +257,15 @@ class Dependency extends ProtoPom { class PomDependency extends Dependency { PomDependency() { exists(Pom source | - /* - * This dependency must be a dependency of a pom - dependency tags can also appear in the dependency - * management section, where they do not directly contribute to the dependencies of the containing - * pom. - */ - + // This dependency must be a dependency of a pom - dependency tags can also appear in the dependency + // management section, where they do not directly contribute to the dependencies of the containing + // pom. source.getADependency() = this and - /* - * Consider dependencies that can be used at compile time. - */ - + // Consider dependencies that can be used at compile time. ( getScope() = "compile" or - /* - * Provided dependencies are like compile time dependencies except (a) they are not packaged - * when creating the jar and (b) they are not transitive. - */ - + // Provided dependencies are like compile time dependencies except (a) they are not packaged + // when creating the jar and (b) they are not transitive. getScope() = "provided" // We ignore "test" dependencies because they can be runtime or compile time dependencies ) @@ -412,11 +400,8 @@ class MavenRepoJar extends File { string getGroupID() { exists(MavenRepo mr | mr.getAJarFile() = this | - /* - * Assuming the standard layout, the first part of the directory structure from the maven - * repository will be the groupId converted to a path by replacing "." with "/". - */ - + // Assuming the standard layout, the first part of the directory structure from the maven + // repository will be the groupId converted to a path by replacing "." with "/". result = getParentContainer() .getParentContainer() .getParentContainer()