diff --git a/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll b/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfigs.qll similarity index 96% rename from java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll rename to java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfigs.qll index 74f7590e29f..eb0485f9ec3 100644 --- a/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll +++ b/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfigs.qll @@ -5,12 +5,10 @@ * possible. Java queries that are defined in a `.ql` file get copied into this file. */ -private import java as java private import semmle.code.java.dataflow.TaintTracking +/* Configurations of queries we boost with ATM */ import semmle.code.java.security.RequestForgeryConfig import semmle.code.java.security.SqlInjectionQuery -import EndpointTypes -import EndpointCharacteristics as EndpointCharacteristics /* Copied from java/ql/src/Security/CWE/CWE-022/TaintedPath.ql */ private import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.security.PathCreation diff --git a/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll b/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll index 8fe42758985..355a00ca562 100644 --- a/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll +++ b/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll @@ -10,7 +10,7 @@ import semmle.code.java.security.RequestForgery private import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl import experimental.adaptivethreatmodeling.EndpointTypes -private import experimental.adaptivethreatmodeling.ATMConfig +private import experimental.adaptivethreatmodeling.ATMConfigs // To import the configurations of all supported Java queries private import semmle.code.java.security.ExternalAPIs as ExternalAPIs private import semmle.code.java.Expr as Expr @@ -25,7 +25,7 @@ predicate isKnownSink(DataFlow::Node sink, SinkType sinkType) { // If the list of characteristics includes positive indicators with maximal confidence for this class, then it's a // known sink for the class. sinkType != any(NegativeSinkType negative) and - exists(EndpointCharacteristics::EndpointCharacteristic characteristic | + exists(EndpointCharacteristic characteristic | characteristic.appliesToEndpoint(sink) and characteristic.hasImplications(sinkType, true, characteristic.maximalConfidence()) ) @@ -97,8 +97,8 @@ predicate erroneousConfidences( // * both characteristics belong to the same query. // */ // private predicate knownOverlappingCharacteristics( -// EndpointCharacteristics::EndpointCharacteristic characteristic1, -// EndpointCharacteristics::EndpointCharacteristic characteristic2 +// EndpointCharacteristic characteristic1, +// EndpointCharacteristic characteristic2 // ) { // characteristic1 != characteristic2 and // characteristic1 = ["file creation sink", "other path injection sink"] and diff --git a/java/ql/experimental/adaptivethreatmodeling/src/ExtractNegativeExamples.ql b/java/ql/experimental/adaptivethreatmodeling/src/ExtractNegativeExamples.ql index d4f9027dfc6..0600456b573 100644 --- a/java/ql/experimental/adaptivethreatmodeling/src/ExtractNegativeExamples.ql +++ b/java/ql/experimental/adaptivethreatmodeling/src/ExtractNegativeExamples.ql @@ -11,6 +11,7 @@ private import java import semmle.code.java.dataflow.TaintTracking private import experimental.adaptivethreatmodeling.EndpointCharacteristics as EndpointCharacteristics private import experimental.adaptivethreatmodeling.EndpointTypes +private import experimental.adaptivethreatmodeling.ATMConfigs // To import the configurations of all supported Java queries bindingset[rate] DataFlow::Node getSampleFromSampleRate(float rate) { diff --git a/java/ql/experimental/adaptivethreatmodeling/src/ExtractPositiveExamples.ql b/java/ql/experimental/adaptivethreatmodeling/src/ExtractPositiveExamples.ql index 558f98380c8..d69774cf60d 100644 --- a/java/ql/experimental/adaptivethreatmodeling/src/ExtractPositiveExamples.ql +++ b/java/ql/experimental/adaptivethreatmodeling/src/ExtractPositiveExamples.ql @@ -12,7 +12,7 @@ import semmle.code.java.dataflow.TaintTracking private import semmle.code.java.security.ExternalAPIs as ExternalAPIs private import experimental.adaptivethreatmodeling.EndpointCharacteristics as EndpointCharacteristics private import experimental.adaptivethreatmodeling.EndpointTypes -private import experimental.adaptivethreatmodeling.ATMConfig as AtmConfig +private import experimental.adaptivethreatmodeling.ATMConfigs // To import the configurations of all supported Java queries /* * ****** WARNING: ****** diff --git a/java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql b/java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql index c2b94213b79..0871b68144e 100644 --- a/java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql +++ b/java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql @@ -16,7 +16,7 @@ import semmle.code.java.dataflow.TaintTracking private import semmle.code.java.dataflow.ExternalFlow private import experimental.adaptivethreatmodeling.EndpointCharacteristics as EndpointCharacteristics private import experimental.adaptivethreatmodeling.EndpointTypes -private import experimental.adaptivethreatmodeling.ATMConfig as AtmConfig +private import experimental.adaptivethreatmodeling.ATMConfigs // To import the configurations of all supported Java queries /** * Holds if the candidate sink `candidateSink` should be considered as a possible sink of type `sinkType`, and