From d9e6e5aa04e550e7226c80ae468a2f0e4bbd4181 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 17 Jan 2022 10:46:21 +0100 Subject: [PATCH] Apply suggestions from code review Co-authored-by: Chris Smowton --- .../security/CleartextStorageAndroidFilesystemQuery.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll index abdfd98e483..7d03038fc29 100644 --- a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll +++ b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll @@ -18,7 +18,7 @@ private class AndroidFilesystemCleartextStorageSink extends CleartextStorageSink } } -/** The creation of an object that can be used to write to files to the local filesystem. */ +/** A call to a method or constructor that may write to files to the local filesystem. */ class LocalFileOpenCall extends Storable { LocalFileOpenCall() { this = any(DataFlow::Node sink | sinkNode(sink, "create-file")).asExpr().(Argument).getCall() @@ -56,7 +56,7 @@ private predicate isVarargs(Argument arg, DataFlow::ImplicitVarargsArray varargs } /** Holds if `store` closes `file`. */ -private predicate filesystemStore(DataFlow::Node file, Call store) { +private predicate closesFile(DataFlow::Node file, Call closeCall) { store.getCallee() instanceof CloseFileMethod and if store.getCallee().isStatic() then file.asExpr() = store @@ -67,7 +67,7 @@ private predicate filesystemStore(DataFlow::Node file, Call store) { store = file.asExpr() } -/** A method that closes a file. */ +/** A method that closes a file, perhaps after writing some data. */ private class CloseFileMethod extends Method { CloseFileMethod() { this.hasQualifiedName("java.io", ["RandomAccessFile", "FileOutputStream", "PrintStream"],