From 81667d741a8175687066289dc3e9b9d8aa3e8161 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 17 Dec 2025 10:47:45 +0000 Subject: [PATCH] Rename classes for external sanitizers --- java/ql/lib/semmle/code/java/security/PathSanitizer.qll | 4 ++-- java/ql/lib/semmle/code/java/security/RequestForgery.qll | 4 ++-- .../semmle/code/java/security/TrustBoundaryViolationQuery.qll | 4 ++-- java/ql/lib/semmle/code/java/security/XSS.qll | 4 ++-- .../lib/semmle/code/java/security/regexp/RegexInjection.qll | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/java/ql/lib/semmle/code/java/security/PathSanitizer.qll b/java/ql/lib/semmle/code/java/security/PathSanitizer.qll index 2018004a3fb..4685f5e48f7 100644 --- a/java/ql/lib/semmle/code/java/security/PathSanitizer.qll +++ b/java/ql/lib/semmle/code/java/security/PathSanitizer.qll @@ -289,8 +289,8 @@ private Method getSourceMethod(Method m) { result = m } -private class DefaultPathInjectionSanitizer extends PathInjectionSanitizer { - DefaultPathInjectionSanitizer() { barrierNode(this, "path-injection") } +private class ExternalPathInjectionSanitizer extends PathInjectionSanitizer { + ExternalPathInjectionSanitizer() { barrierNode(this, "path-injection") } } /** Holds if `g` is a guard that checks for `..` components. */ diff --git a/java/ql/lib/semmle/code/java/security/RequestForgery.qll b/java/ql/lib/semmle/code/java/security/RequestForgery.qll index 690e4f9315b..489b45dffa2 100644 --- a/java/ql/lib/semmle/code/java/security/RequestForgery.qll +++ b/java/ql/lib/semmle/code/java/security/RequestForgery.qll @@ -118,8 +118,8 @@ private class ContainsUrlSanitizer extends RequestForgerySanitizer { } } -private class DefaultRequestForgerySanitizer extends RequestForgerySanitizer { - DefaultRequestForgerySanitizer() { barrierNode(this, "request-forgery") } +private class ExternalRequestForgerySanitizer extends RequestForgerySanitizer { + ExternalRequestForgerySanitizer() { barrierNode(this, "request-forgery") } } /** diff --git a/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll b/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll index 477aeb48b64..d234f3df20c 100644 --- a/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll +++ b/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll @@ -27,8 +27,8 @@ class TrustBoundaryViolationSink extends DataFlow::Node { */ abstract class TrustBoundaryValidationSanitizer extends DataFlow::Node { } -private class DefaultTrustBoundaryValidationSanitizer extends TrustBoundaryValidationSanitizer { - DefaultTrustBoundaryValidationSanitizer() { barrierNode(this, "trust-boundary-violation") } +private class ExternalTrustBoundaryValidationSanitizer extends TrustBoundaryValidationSanitizer { + ExternalTrustBoundaryValidationSanitizer() { barrierNode(this, "trust-boundary-violation") } } /** diff --git a/java/ql/lib/semmle/code/java/security/XSS.qll b/java/ql/lib/semmle/code/java/security/XSS.qll index c131f868f36..0d52d480ae7 100644 --- a/java/ql/lib/semmle/code/java/security/XSS.qll +++ b/java/ql/lib/semmle/code/java/security/XSS.qll @@ -54,8 +54,8 @@ private class DefaultXssSink extends XssSink { } } -private class DefaultXssSanitizer extends XssSanitizer { - DefaultXssSanitizer() { barrierNode(this, ["html-injection", "js-injection"]) } +private class ExternalXssSanitizer extends XssSanitizer { + ExternalXssSanitizer() { barrierNode(this, ["html-injection", "js-injection"]) } } /** A sanitizer that considers numeric and boolean typed data safe for writing to output. */ diff --git a/java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll b/java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll index d91b411b797..944ffca803a 100644 --- a/java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll +++ b/java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll @@ -21,8 +21,8 @@ private class DefaultRegexInjectionSink extends RegexInjectionSink { } } -private class DefaultRegexInjectionSanitizer extends RegexInjectionSanitizer { - DefaultRegexInjectionSanitizer() { barrierNode(this, "regex-use") } +private class ExternalRegexInjectionSanitizer extends RegexInjectionSanitizer { + ExternalRegexInjectionSanitizer() { barrierNode(this, "regex-use") } } /**