diff --git a/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql b/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql index f17808864af..75ecd1112d0 100644 --- a/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql +++ b/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql @@ -97,9 +97,7 @@ private class FlagType extends Type { FlagType() { this instanceof TypeString or - exists(BoxedType boxedBoolean | boxedBoolean.getPrimitiveType().hasName("boolean") | - this = boxedBoolean or this = boxedBoolean.getPrimitiveType() - ) + this instanceof BooleanType } } diff --git a/java/ql/src/semmle/code/java/security/Encryption.qll b/java/ql/src/semmle/code/java/security/Encryption.qll index 084254b5a41..0fb491d7499 100644 --- a/java/ql/src/semmle/code/java/security/Encryption.qll +++ b/java/ql/src/semmle/code/java/security/Encryption.qll @@ -29,7 +29,7 @@ class SSLContext extends RefType { SSLContext() { hasQualifiedName("javax.net.ssl", "SSLContext") } } -/** Models the `javax.net.ssl.SSLSession` class. */ +/** The `javax.net.ssl.SSLSession` class. */ class SSLSession extends RefType { SSLSession() { hasQualifiedName("javax.net.ssl", "SSLSession") } } @@ -38,7 +38,7 @@ class HostnameVerifier extends RefType { HostnameVerifier() { hasQualifiedName("javax.net.ssl", "HostnameVerifier") } } -/** Models the `verify` method of the class `javax.net.ssl.HostnameVerifier`. */ +/** The `verify` method of the class `javax.net.ssl.HostnameVerifier`. */ class HostnameVerifierVerify extends Method { HostnameVerifierVerify() { hasName("verify") and @@ -83,7 +83,7 @@ class SetHostnameVerifierMethod extends Method { } } -/** Models the `setDefaultHostnameVerifier` method of the class `javax.net.ssl.HttpsURLConnection`. */ +/** The `setDefaultHostnameVerifier` method of the class `javax.net.ssl.HttpsURLConnection`. */ class SetDefaultHostnameVerifierMethod extends Method { SetDefaultHostnameVerifierMethod() { hasName("setDefaultHostnameVerifier") and