hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove unnecessary private markers (CommandLine and Request forgery)

Browse Source
This commit is contained in:
Ed Minnix
2023-03-28 11:34:22 -04:00
parent 0249890747
commit bbf7c67f9b
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
View File

@@ -37,7 +37,7 @@ deprecated class RemoteUserInputToArgumentToExecFlowConfig extends TaintTracking
/**
* A taint-tracking configuration for unvalidated user input that is used to run an external process.
*/
private module RemoteUserInputToArgumentToExecFlowConfig implements DataFlow::ConfigSig {
module RemoteUserInputToArgumentToExecFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node src) { src instanceof RemoteFlowSource }
predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof ArgumentToExec }

2
java/ql/lib/semmle/code/java/security/RequestForgeryConfig.qll
View File

@@ -35,7 +35,7 @@ deprecated class RequestForgeryConfiguration extends TaintTracking::Configuratio
/**
* A taint-tracking configuration characterising request-forgery risks.
*/
private module RequestForgeryConfig implements DataFlow::ConfigSig {
module RequestForgeryConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
source instanceof RemoteFlowSource and
// Exclude results of remote HTTP requests: fetching something else based on that result