Refactor Hudson file methods to MaD

2026-04-27 17:55:19 +02:00 · 2023-09-02 15:15:59 -04:00
parent 3a75c0fde7
commit a1d3667f1c
2 changed files with 5 additions and 15 deletions
--- a/java/ql/lib/semmle/code/java/frameworks/hudson/Hudson.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/hudson/Hudson.qll
@@ -13,21 +13,6 @@ class HudsonWebMethod extends Method {
  }
 }

-private class FilePathRead extends LocalUserInput {
-  FilePathRead() {
-    this.asExpr()
-        .(MethodAccess)
-        .getMethod()
-        .hasQualifiedName("hudson", "FilePath",
-          [
-            "newInputStreamDenyingSymlinkAsNeeded", "openInputStream", "read", "readFromOffset",
-            "readToString"
-          ])
-  }
-
-  override string getThreatModel() { result = "file" }
-}
-
 private class HudsonUtilXssSanitizer extends XssSanitizer {
  HudsonUtilXssSanitizer() {
    this.asExpr()