From 5f3c8fef3fadb617fd5d550c3678095762ee14e8 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Fri, 28 Apr 2023 07:51:07 -0400 Subject: [PATCH] Privacy markers and fixed imports --- .../java/security/ArithmeticTaintedLocalQuery.qll | 4 ++-- .../java/security/ArithmeticUncontrolledQuery.qll | 2 +- .../security/ArithmeticWithExtremeValuesQuery.qll | 8 ++++---- .../java/security/BrokenCryptoAlgorithmQuery.qll | 4 ++-- .../code/java/security/ExecTaintedLocalQuery.qll | 5 ++--- .../ExternallyControlledFormatStringLocalQuery.qll | 4 ++-- ...lidationOfArrayConstructionCodeSpecifiedQuery.qll | 4 ++-- ...properValidationOfArrayConstructionLocalQuery.qll | 4 ++-- .../ImproperValidationOfArrayConstructionQuery.qll | 6 +++--- ...roperValidationOfArrayIndexCodeSpecifiedQuery.qll | 6 +++--- .../ImproperValidationOfArrayIndexLocalQuery.qll | 4 ++-- .../security/ImproperValidationOfArrayIndexQuery.qll | 4 ++-- .../code/java/security/InsecureCookieQuery.qll | 2 +- .../code/java/security/NumericCastTaintedQuery.qll | 12 ++++++------ .../java/security/ResponseSplittingLocalQuery.qll | 4 ++-- .../code/java/security/SqlConcatenatedQuery.qll | 2 +- .../code/java/security/SqlTaintedLocalQuery.qll | 6 +++--- .../code/java/security/StackTraceExposureQuery.qll | 4 ++-- .../java/security/TaintedPermissionsCheckQuery.qll | 4 ++-- .../TempDirLocalInformationDisclosureQuery.qll | 2 +- .../code/java/security/UrlRedirectLocalQuery.qll | 4 ++-- .../semmle/code/java/security/UrlRedirectQuery.qll | 4 ++-- .../code/java/security/XPathInjectionQuery.qll | 7 ++++--- .../lib/semmle/code/java/security/XssLocalQuery.qll | 6 +++--- .../code/java/security/internal/ArraySizing.qll | 6 +++--- .../CWE-129/ImproperValidationOfArrayConstruction.ql | 1 + ...operValidationOfArrayConstructionCodeSpecified.ql | 1 + .../ImproperValidationOfArrayConstructionLocal.ql | 1 + .../CWE/CWE-129/ImproperValidationOfArrayIndex.ql | 1 + .../ImproperValidationOfArrayIndexCodeSpecified.ql | 2 ++ .../CWE-129/ImproperValidationOfArrayIndexLocal.ql | 1 + .../CWE-134/ExternallyControlledFormatStringLocal.ql | 1 + .../Security/CWE/CWE-190/ArithmeticTaintedLocal.ql | 2 ++ .../src/Security/CWE/CWE-209/StackTraceExposure.ql | 1 + .../Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql | 1 + .../security/CWE-643/XPathInjectionTest.ql | 1 + 36 files changed, 72 insertions(+), 59 deletions(-) diff --git a/java/ql/lib/semmle/code/java/security/ArithmeticTaintedLocalQuery.qll b/java/ql/lib/semmle/code/java/security/ArithmeticTaintedLocalQuery.qll index 5ef915c6afc..c33414f59be 100644 --- a/java/ql/lib/semmle/code/java/security/ArithmeticTaintedLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ArithmeticTaintedLocalQuery.qll @@ -1,8 +1,8 @@ /** Provides taint-tracking configurations to reason about arithmetic using local-user-controlled data. */ import java -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.security.ArithmeticCommon +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.ArithmeticCommon /** * A taint-tracking configuration to reason about arithmetic overflow using local-user-controlled data. diff --git a/java/ql/lib/semmle/code/java/security/ArithmeticUncontrolledQuery.qll b/java/ql/lib/semmle/code/java/security/ArithmeticUncontrolledQuery.qll index 4777ccf3f99..a5fa0d3ee4b 100644 --- a/java/ql/lib/semmle/code/java/security/ArithmeticUncontrolledQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ArithmeticUncontrolledQuery.qll @@ -1,7 +1,7 @@ /** Provides taint-tracking configuration to reason about arithmetic with uncontrolled values. */ import java -import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.dataflow.TaintTracking private import semmle.code.java.security.RandomQuery private import semmle.code.java.security.SecurityTests private import semmle.code.java.security.ArithmeticCommon diff --git a/java/ql/lib/semmle/code/java/security/ArithmeticWithExtremeValuesQuery.qll b/java/ql/lib/semmle/code/java/security/ArithmeticWithExtremeValuesQuery.qll index 5a7564d84ad..0a22619e6fa 100644 --- a/java/ql/lib/semmle/code/java/security/ArithmeticWithExtremeValuesQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ArithmeticWithExtremeValuesQuery.qll @@ -1,8 +1,8 @@ /** Provides predicates and classes for reasoning about arithmetic with extreme values. */ import java -import semmle.code.java.dataflow.DataFlow -import ArithmeticCommon +private import semmle.code.java.dataflow.DataFlow +private import semmle.code.java.security.ArithmeticCommon /** * A field representing an extreme value. @@ -14,12 +14,12 @@ abstract class ExtremeValueField extends Field { } /** A field representing the minimum value of a primitive type. */ -class MinValueField extends ExtremeValueField { +private class MinValueField extends ExtremeValueField { MinValueField() { this.getName() = "MIN_VALUE" } } /** A field representing the maximum value of a primitive type. */ -class MaxValueField extends ExtremeValueField { +private class MaxValueField extends ExtremeValueField { MaxValueField() { this.getName() = "MAX_VALUE" } } diff --git a/java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll b/java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll index a3ab06ddf6c..a78f33e1ac6 100644 --- a/java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll +++ b/java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll @@ -1,8 +1,8 @@ /** Provides to taint-tracking configuration to reason about the use of broken or risky cryptographic algorithms. */ import java -import semmle.code.java.security.Encryption -import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.security.Encryption +private import semmle.code.java.dataflow.TaintTracking private class ShortStringLiteral extends StringLiteral { ShortStringLiteral() { this.getValue().length() < 100 } diff --git a/java/ql/lib/semmle/code/java/security/ExecTaintedLocalQuery.qll b/java/ql/lib/semmle/code/java/security/ExecTaintedLocalQuery.qll index cb444372b72..3a00bf9a83a 100644 --- a/java/ql/lib/semmle/code/java/security/ExecTaintedLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ExecTaintedLocalQuery.qll @@ -6,7 +6,7 @@ private import semmle.code.java.security.ExternalProcess private import semmle.code.java.security.CommandArguments /** A taint-tracking configuration to reason about use of externally controlled strings to make command line commands. */ -module LocalUserInputToArgumentToExecFlowConfig implements DataFlow::ConfigSig { +module ExecTaintedLocalConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node src) { src instanceof LocalUserInput } predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof ArgumentToExec } @@ -23,5 +23,4 @@ module LocalUserInputToArgumentToExecFlowConfig implements DataFlow::ConfigSig { /** * Taint-tracking flow for use of externally controlled strings to make command line commands. */ -module LocalUserInputToArgumentToExecFlow = - TaintTracking::Global; +module ExecTaintedLocalFlow = TaintTracking::Global; diff --git a/java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringLocalQuery.qll b/java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringLocalQuery.qll index 111b6b7f5d4..34c23682221 100644 --- a/java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringLocalQuery.qll @@ -1,8 +1,8 @@ /** Provides a taint-tracking configuration to reason about externally-controlled format strings from local sources. */ import java -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.StringFormat +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.StringFormat /** A taint-tracking configuration to reason about externally-controlled format strings from local sources. */ module ExternallyControlledFormatStringLocalConfig implements DataFlow::ConfigSig { diff --git a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionCodeSpecifiedQuery.qll b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionCodeSpecifiedQuery.qll index 85c05f6b78c..a6f10913da5 100644 --- a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionCodeSpecifiedQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionCodeSpecifiedQuery.qll @@ -1,8 +1,8 @@ /** Provides a dataflow configuration to reason about improper validation of code-specified size used for array construction. */ import java -import semmle.code.java.security.internal.ArraySizing -import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.security.internal.ArraySizing +private import semmle.code.java.dataflow.TaintTracking /** * A dataflow configuration to reason about improper validation of code-specified size used for array construction. diff --git a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionLocalQuery.qll b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionLocalQuery.qll index e2dee03a1c1..f1d21fbfa80 100644 --- a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionLocalQuery.qll @@ -1,8 +1,8 @@ /** Provides a taint-tracking configuration to reason about improper validation of local user-provided size used for array construction. */ import java -import semmle.code.java.security.internal.ArraySizing -import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.internal.ArraySizing +private import semmle.code.java.dataflow.FlowSources /** * A taint-tracking configuration to reason about improper validation of local user-provided size used for array construction. diff --git a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionQuery.qll b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionQuery.qll index a822640da2b..23e7443fc43 100644 --- a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionQuery.qll @@ -1,13 +1,13 @@ /** Provides a taint-tracking configuration to reason about improper validation of user-provided size used for array construction. */ import java -import semmle.code.java.security.internal.ArraySizing -import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.internal.ArraySizing +private import semmle.code.java.dataflow.FlowSources /** * A taint-tracking configuration to reason about improper validation of user-provided size used for array construction. */ -private module ImproperValidationOfArrayConstructionConfig implements DataFlow::ConfigSig { +module ImproperValidationOfArrayConstructionConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } predicate isSink(DataFlow::Node sink) { diff --git a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexCodeSpecifiedQuery.qll b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexCodeSpecifiedQuery.qll index 99a6cd12f10..2ae9eb2c696 100644 --- a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexCodeSpecifiedQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexCodeSpecifiedQuery.qll @@ -1,9 +1,9 @@ /** Provides a dataflow configuration to reason about improper validation of code-specified array index. */ import java -import semmle.code.java.security.internal.ArraySizing -import semmle.code.java.security.internal.BoundingChecks -import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.security.internal.ArraySizing +private import semmle.code.java.security.internal.BoundingChecks +private import semmle.code.java.dataflow.DataFlow /** * A dataflow configuration to reason about improper validation of code-specified array index. diff --git a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexLocalQuery.qll b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexLocalQuery.qll index d1771909743..6b078bc2830 100644 --- a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexLocalQuery.qll @@ -1,8 +1,8 @@ /** Provides a taint-tracking configuration to reason about improper validation of local user-provided array index. */ import java -import semmle.code.java.security.internal.ArraySizing -import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.internal.ArraySizing +private import semmle.code.java.dataflow.FlowSources /** * A taint-tracking configuration to reason about improper validation of local user-provided array index. diff --git a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexQuery.qll b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexQuery.qll index 6869489c112..07b6b5e28cf 100644 --- a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexQuery.qll @@ -1,8 +1,8 @@ /** Provides a taint-tracking configuration to reason about improper validation of user-provided array index. */ import java -import semmle.code.java.security.internal.ArraySizing -import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.internal.ArraySizing +private import semmle.code.java.dataflow.FlowSources /** * A taint-tracking configuration to reason about improper validation of user-provided array index. diff --git a/java/ql/lib/semmle/code/java/security/InsecureCookieQuery.qll b/java/ql/lib/semmle/code/java/security/InsecureCookieQuery.qll index 90e7cd44961..aacfa09e73f 100644 --- a/java/ql/lib/semmle/code/java/security/InsecureCookieQuery.qll +++ b/java/ql/lib/semmle/code/java/security/InsecureCookieQuery.qll @@ -1,7 +1,7 @@ /** Provides a dataflow configuration to reason about the failure to use secure cookies. */ import java -import semmle.code.java.dataflow.DataFlow +private import semmle.code.java.dataflow.DataFlow private import semmle.code.java.frameworks.Servlets private predicate isSafeSecureCookieSetting(Expr e) { diff --git a/java/ql/lib/semmle/code/java/security/NumericCastTaintedQuery.qll b/java/ql/lib/semmle/code/java/security/NumericCastTaintedQuery.qll index 1adac6aee2e..d2b0e75f052 100644 --- a/java/ql/lib/semmle/code/java/security/NumericCastTaintedQuery.qll +++ b/java/ql/lib/semmle/code/java/security/NumericCastTaintedQuery.qll @@ -1,11 +1,11 @@ /** Provides classes to reason about possible truncation from casting of a user-provided value. */ import java -import semmle.code.java.arithmetic.Overflow -import semmle.code.java.dataflow.SSA -import semmle.code.java.controlflow.Guards -import semmle.code.java.dataflow.RangeAnalysis -import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.arithmetic.Overflow +private import semmle.code.java.dataflow.SSA +private import semmle.code.java.controlflow.Guards +private import semmle.code.java.dataflow.RangeAnalysis +private import semmle.code.java.dataflow.FlowSources /** * A `CastExpr` that is a narrowing cast. @@ -37,7 +37,7 @@ class RightShiftOp extends Expr { } /** - * Gets the expression that is shifted. + * Gets the variable that is shifted. */ Variable getShiftedVariable() { this.getLhs() = result.getAnAccess() or diff --git a/java/ql/lib/semmle/code/java/security/ResponseSplittingLocalQuery.qll b/java/ql/lib/semmle/code/java/security/ResponseSplittingLocalQuery.qll index 1374096a79f..01743bd3c61 100644 --- a/java/ql/lib/semmle/code/java/security/ResponseSplittingLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ResponseSplittingLocalQuery.qll @@ -1,8 +1,8 @@ /** Provides a taint-tracking configuration to reason about response splitting vulnerabilities from local user input. */ import java -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.security.ResponseSplitting +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.ResponseSplitting /** * A taint-tracking configuration to reason about response splitting vulnerabilities from local user input. diff --git a/java/ql/lib/semmle/code/java/security/SqlConcatenatedQuery.qll b/java/ql/lib/semmle/code/java/security/SqlConcatenatedQuery.qll index 5040ccc366a..88919efbe12 100644 --- a/java/ql/lib/semmle/code/java/security/SqlConcatenatedQuery.qll +++ b/java/ql/lib/semmle/code/java/security/SqlConcatenatedQuery.qll @@ -1,7 +1,7 @@ /** Provides classes and modules to reason about SqlInjection vulnerabilities from string concatentation. */ import java -import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.dataflow.TaintTracking private import semmle.code.java.security.SqlConcatenatedLib private import semmle.code.java.security.SqlInjectionQuery diff --git a/java/ql/lib/semmle/code/java/security/SqlTaintedLocalQuery.qll b/java/ql/lib/semmle/code/java/security/SqlTaintedLocalQuery.qll index 664290c7d90..f926901a8b9 100644 --- a/java/ql/lib/semmle/code/java/security/SqlTaintedLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/SqlTaintedLocalQuery.qll @@ -3,9 +3,9 @@ * that is used in a SQL query. */ -import semmle.code.java.Expr -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.security.SqlInjectionQuery +import java +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.SqlInjectionQuery /** * A taint-tracking configuration for reasoning about local user input that is diff --git a/java/ql/lib/semmle/code/java/security/StackTraceExposureQuery.qll b/java/ql/lib/semmle/code/java/security/StackTraceExposureQuery.qll index 4c150dc7c0e..f478ac4815e 100644 --- a/java/ql/lib/semmle/code/java/security/StackTraceExposureQuery.qll +++ b/java/ql/lib/semmle/code/java/security/StackTraceExposureQuery.qll @@ -1,8 +1,8 @@ /** Provides predicates to reason about exposure of stack-traces. */ import java -import semmle.code.java.dataflow.DataFlow -import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.dataflow.DataFlow +private import semmle.code.java.dataflow.TaintTracking private import semmle.code.java.security.InformationLeak /** diff --git a/java/ql/lib/semmle/code/java/security/TaintedPermissionsCheckQuery.qll b/java/ql/lib/semmle/code/java/security/TaintedPermissionsCheckQuery.qll index b3a217775cb..e403a8b60a7 100644 --- a/java/ql/lib/semmle/code/java/security/TaintedPermissionsCheckQuery.qll +++ b/java/ql/lib/semmle/code/java/security/TaintedPermissionsCheckQuery.qll @@ -1,8 +1,8 @@ /** Provides classes to reason about tainted permissions check vulnerabilities. */ import java -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.dataflow.TaintTracking /** * The `org.apache.shiro.subject.Subject` class. diff --git a/java/ql/lib/semmle/code/java/security/TempDirLocalInformationDisclosureQuery.qll b/java/ql/lib/semmle/code/java/security/TempDirLocalInformationDisclosureQuery.qll index 9c1d104b89a..d5cf900343b 100644 --- a/java/ql/lib/semmle/code/java/security/TempDirLocalInformationDisclosureQuery.qll +++ b/java/ql/lib/semmle/code/java/security/TempDirLocalInformationDisclosureQuery.qll @@ -1,7 +1,7 @@ /** Provides classes to reason about local information disclosure in a temporary directory. */ import java -import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.dataflow.TaintTracking private import semmle.code.java.os.OSCheck private import semmle.code.java.security.TempDirUtils diff --git a/java/ql/lib/semmle/code/java/security/UrlRedirectLocalQuery.qll b/java/ql/lib/semmle/code/java/security/UrlRedirectLocalQuery.qll index 370ffeedccb..8b2e0374322 100644 --- a/java/ql/lib/semmle/code/java/security/UrlRedirectLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/UrlRedirectLocalQuery.qll @@ -1,8 +1,8 @@ /** Provides a taint-tracking configuration to reason about URL redirection from local sources. */ import java -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.security.UrlRedirect +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.UrlRedirect /** * A taint-tracking configuration to reason about URL redirection from local sources. diff --git a/java/ql/lib/semmle/code/java/security/UrlRedirectQuery.qll b/java/ql/lib/semmle/code/java/security/UrlRedirectQuery.qll index d55f13aee3b..552435d8af7 100644 --- a/java/ql/lib/semmle/code/java/security/UrlRedirectQuery.qll +++ b/java/ql/lib/semmle/code/java/security/UrlRedirectQuery.qll @@ -1,8 +1,8 @@ /** Provides a taint-tracking configuration for reasoning about URL redirections. */ import java -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.security.UrlRedirect +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.security.UrlRedirect /** * A taint-tracking configuration for reasoning about URL redirections. diff --git a/java/ql/lib/semmle/code/java/security/XPathInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/XPathInjectionQuery.qll index e209396abf8..7615784896d 100644 --- a/java/ql/lib/semmle/code/java/security/XPathInjectionQuery.qll +++ b/java/ql/lib/semmle/code/java/security/XPathInjectionQuery.qll @@ -1,8 +1,9 @@ /** Provides taint-tracking flow to reason about XPath injection queries. */ -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.dataflow.TaintTracking -import semmle.code.java.security.XPath +import java +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.security.XPath /** * A taint-tracking configuration for reasoning about XPath injection vulnerabilities. diff --git a/java/ql/lib/semmle/code/java/security/XssLocalQuery.qll b/java/ql/lib/semmle/code/java/security/XssLocalQuery.qll index e8300ed99ac..83eb33682af 100644 --- a/java/ql/lib/semmle/code/java/security/XssLocalQuery.qll +++ b/java/ql/lib/semmle/code/java/security/XssLocalQuery.qll @@ -1,9 +1,9 @@ /** Provides a taint-tracking configuration to reason about cross-site scripting from a local source. */ import java -import semmle.code.java.dataflow.FlowSources -import semmle.code.java.dataflow.TaintTracking -import semmle.code.java.security.XSS +private import semmle.code.java.dataflow.FlowSources +private import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.security.XSS /** * A taint-tracking configuration for reasoning about cross-site scripting vulnerabilities from a local source. diff --git a/java/ql/lib/semmle/code/java/security/internal/ArraySizing.qll b/java/ql/lib/semmle/code/java/security/internal/ArraySizing.qll index dc5698185be..29c4d0e5e3d 100644 --- a/java/ql/lib/semmle/code/java/security/internal/ArraySizing.qll +++ b/java/ql/lib/semmle/code/java/security/internal/ArraySizing.qll @@ -1,9 +1,9 @@ /** Provides predicates and classes to reason about the sizing and indexing of arrays. */ import java -import semmle.code.java.dataflow.DataFlow -import semmle.code.java.dataflow.DefUse -import semmle.code.java.security.RandomDataSource +private import semmle.code.java.dataflow.DataFlow +private import semmle.code.java.dataflow.DefUse +private import semmle.code.java.security.RandomDataSource private import BoundingChecks /** diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql index f7c9f816085..3579ee7294b 100644 --- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql +++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql @@ -11,6 +11,7 @@ */ import java +import semmle.code.java.security.internal.ArraySizing import semmle.code.java.security.ImproperValidationOfArrayConstructionQuery import ImproperValidationOfArrayConstructionFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql index 7afa381a225..8bac3d8f478 100644 --- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql +++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql @@ -12,6 +12,7 @@ */ import java +import semmle.code.java.security.internal.ArraySizing import semmle.code.java.security.ImproperValidationOfArrayConstructionCodeSpecifiedQuery import BoundedFlowSourceFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql index acf814afe3d..1ba0521ee4d 100644 --- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql +++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql @@ -12,6 +12,7 @@ */ import java +import semmle.code.java.security.internal.ArraySizing import semmle.code.java.security.ImproperValidationOfArrayConstructionLocalQuery import ImproperValidationOfArrayConstructionLocalFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql index d30cf48831e..e50dfc72d80 100644 --- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql +++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql @@ -11,6 +11,7 @@ */ import java +import semmle.code.java.security.internal.ArraySizing import semmle.code.java.security.ImproperValidationOfArrayIndexQuery import ImproperValidationOfArrayIndexFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexCodeSpecified.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexCodeSpecified.ql index e9afb8376b1..117c5dce99a 100644 --- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexCodeSpecified.ql +++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexCodeSpecified.ql @@ -12,6 +12,8 @@ */ import java +import semmle.code.java.security.internal.ArraySizing +import semmle.code.java.security.internal.BoundingChecks import semmle.code.java.security.ImproperValidationOfArrayIndexCodeSpecifiedQuery import BoundedFlowSourceFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql index 82da42264c8..7302ea676d1 100644 --- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql +++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql @@ -12,6 +12,7 @@ */ import java +import semmle.code.java.security.internal.ArraySizing import semmle.code.java.security.ImproperValidationOfArrayIndexLocalQuery import ImproperValidationOfArrayIndexLocalFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatStringLocal.ql b/java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatStringLocal.ql index 42bdf1c9f9d..ef37ebac1c9 100644 --- a/java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatStringLocal.ql +++ b/java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatStringLocal.ql @@ -11,6 +11,7 @@ */ import java +import semmle.code.java.StringFormat import semmle.code.java.security.ExternallyControlledFormatStringLocalQuery import ExternallyControlledFormatStringLocalFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-190/ArithmeticTaintedLocal.ql b/java/ql/src/Security/CWE/CWE-190/ArithmeticTaintedLocal.ql index 25188e1adfa..be7092ee3e0 100644 --- a/java/ql/src/Security/CWE/CWE-190/ArithmeticTaintedLocal.ql +++ b/java/ql/src/Security/CWE/CWE-190/ArithmeticTaintedLocal.ql @@ -13,6 +13,8 @@ */ import java +import semmle.code.java.dataflow.DataFlow +import semmle.code.java.security.ArithmeticCommon import semmle.code.java.security.ArithmeticTaintedLocalQuery module Flow = diff --git a/java/ql/src/Security/CWE/CWE-209/StackTraceExposure.ql b/java/ql/src/Security/CWE/CWE-209/StackTraceExposure.ql index 5d38bf0c45d..fd72e595cdd 100644 --- a/java/ql/src/Security/CWE/CWE-209/StackTraceExposure.ql +++ b/java/ql/src/Security/CWE/CWE-209/StackTraceExposure.ql @@ -14,6 +14,7 @@ */ import java +import semmle.code.java.dataflow.DataFlow import semmle.code.java.security.StackTraceExposureQuery from Expr externalExpr, Expr errorInformation diff --git a/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql b/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql index 3144c359cc5..a848419aaa3 100644 --- a/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql +++ b/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql @@ -12,6 +12,7 @@ */ import java +import semmle.code.java.security.Encryption import semmle.code.java.security.BrokenCryptoAlgorithmQuery import InsecureCryptoFlow::PathGraph diff --git a/java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.ql b/java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.ql index e205694e657..385ade9105b 100644 --- a/java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.ql +++ b/java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.ql @@ -1,4 +1,5 @@ import java +import semmle.code.java.dataflow.DataFlow import semmle.code.java.security.XPathInjectionQuery import TestUtilities.InlineExpectationsTest