From e37336d5504001dcf2f17bdc84769fe005e6f353 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com> Date: Mon, 24 Nov 2025 14:10:20 +0000 Subject: [PATCH] No need for `getUnderlyingExpr` to look through casts --- .../code/java/security/SensitiveLoggingQuery.qll | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll index 315f915b2e1..7058b844cbd 100644 --- a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll +++ b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll @@ -90,7 +90,7 @@ private predicate singleArgLimit(MethodCall mc, int limit, boolean isKotlin) { exists(int firstArgIndex, int delta | if isKotlin = true then firstArgIndex = 1 else firstArgIndex = 0 | - bounded(mc.getArgument(firstArgIndex).getUnderlyingExpr(), any(ZeroBound z), delta, true, _) and + bounded(mc.getArgument(firstArgIndex), any(ZeroBound z), delta, true, _) and delta <= limit ) } @@ -104,10 +104,10 @@ private predicate twoArgLimit(MethodCall mc, int limit, boolean isKotlin) { or isKotlin = false and firstArgIndex = 0 and secondArgIndex = 1 | - // mc.getArgument(firstArgIndex).getUnderlyingExpr().(CompileTimeConstantExpr).getIntValue() = 0 and - bounded(mc.getArgument(firstArgIndex).getUnderlyingExpr(), any(ZeroBound z), 0, true, _) and - bounded(mc.getArgument(firstArgIndex).getUnderlyingExpr(), any(ZeroBound z), 0, false, _) and - bounded(mc.getArgument(secondArgIndex).getUnderlyingExpr(), any(ZeroBound z), delta, true, _) and + // mc.getArgument(firstArgIndex).(CompileTimeConstantExpr).getIntValue() = 0 and + bounded(mc.getArgument(firstArgIndex), any(ZeroBound z), 0, true, _) and + bounded(mc.getArgument(firstArgIndex), any(ZeroBound z), 0, false, _) and + bounded(mc.getArgument(secondArgIndex), any(ZeroBound z), delta, true, _) and delta <= limit ) }