Split up Random.qll

This prevents bringing a dataflow config into scope from utility libraries.
2025-12-24 04:36:35 +01:00 · 2021-07-01 16:25:09 +01:00
parent 80124df78e
commit 643f7dfb87
8 changed files with 166 additions and 160 deletions
--- a/java/ql/src/Security/CWE/CWE-129/ArraySizing.qll
+++ b/java/ql/src/Security/CWE/CWE-129/ArraySizing.qll
@@ -1,7 +1,7 @@
 import java
 import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.DefUse
-import semmle.code.java.security.Random
+import semmle.code.java.security.RandomDataSource
 private import BoundingChecks

 /**
--- a/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
+++ b/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
@@ -14,7 +14,7 @@

 import java
 import semmle.code.java.dataflow.TaintTracking
-import semmle.code.java.security.Random
+import semmle.code.java.security.RandomQuery
 import semmle.code.java.security.SecurityTests
 import ArithmeticCommon
 import DataFlow::PathGraph
--- a/java/ql/src/Security/CWE/CWE-335/PredictableSeed.ql
+++ b/java/ql/src/Security/CWE/CWE-335/PredictableSeed.ql
@@ -11,7 +11,7 @@
 */

 import java
-import semmle.code.java.security.Random
+import semmle.code.java.security.RandomQuery

 from GetRandomData da, RValue use, PredictableSeedExpr source
 where