From e021158b5fa034d3aecb4267b55fefb2cc8cf84c Mon Sep 17 00:00:00 2001
From: intrigus <abc123zeus@live.de>
Date: Wed, 9 Dec 2020 23:37:29 +0100
Subject: [PATCH] Java: Tighter model of `HostnameVerifier#verify`

This more tightly models `HostnameVerifier#verify` previously it
was possible to accidentally match other methods called `verify`.
---
 java/ql/src/semmle/code/java/security/Encryption.qll | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/java/ql/src/semmle/code/java/security/Encryption.qll b/java/ql/src/semmle/code/java/security/Encryption.qll
index 35b9c367dd3..4ab5a0f5be2 100644
--- a/java/ql/src/semmle/code/java/security/Encryption.qll
+++ b/java/ql/src/semmle/code/java/security/Encryption.qll
@@ -29,13 +29,20 @@ class SSLContext extends RefType {
   SSLContext() { hasQualifiedName("javax.net.ssl", "SSLContext") }
 }
 
+class SSLSession extends RefType {
+  SSLSession() { hasQualifiedName("javax.net.ssl", "SSLSession") }
+}
+
 class HostnameVerifier extends RefType {
   HostnameVerifier() { hasQualifiedName("javax.net.ssl", "HostnameVerifier") }
 }
 
 class HostnameVerifierVerify extends Method {
   HostnameVerifierVerify() {
-    hasName("verify") and getDeclaringType().getASupertype*() instanceof HostnameVerifier
+    hasName("verify") and
+    getDeclaringType().getASupertype*() instanceof HostnameVerifier and
+    getParameterType(0) instanceof TypeString and
+    getParameterType(1) instanceof SSLSession
   }
 }