CWE-598 reduction

java/ql/src/experimental/Security/CWE/CWE-598/SensitiveGetQuery.ql

@@ -2,6 +2,8 @@
  * @name Sensitive GET Query
  * @description Use of GET request method with sensitive query strings.
  * @kind path-problem
+ * @problem.severity warning
+ * @precision medium
  * @id java/sensitive-query-with-get
  * @tags security
  *       external/cwe-598
@@ -23,6 +25,16 @@ class SensitiveInfoExpr extends Expr {
   }
 }
 
+/** Holds if `m` is a method of some override of `HttpServlet.doGet`. */
+private predicate isGetServletMethod(Method m) {
+  isServletRequestMethod(m) and m.getName() = "doGet"
+}
+
+/** The `doGet` method of `HttpServlet`. */
+class DoGetServletMethod extends Method {
+  DoGetServletMethod() { isGetServletMethod(this) }
+}
+
 /** Holds if `ma` is (perhaps indirectly) called from the `doGet` method of `HttpServlet`. */
 predicate isReachableFromServletDoGet(MethodAccess ma) {
   ma.getEnclosingCallable() instanceof DoGetServletMethod
@@ -64,4 +76,4 @@ from DataFlow::PathNode source, DataFlow::PathNode sink, SensitiveGetQueryConfig
 where c.hasFlowPath(source, sink)
 select sink.getNode(), source, sink,
   "$@ uses the GET request method to transmit sensitive information.", source.getNode(),
-  "This request"
+  "This request"