From e442e50e6becbc970cd34fcc6a4d640ca29f222d Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Wed, 19 Jan 2022 16:41:31 +0100
Subject: [PATCH] Apply suggestions from code review

Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
---
 java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll | 2 +-
 java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql            | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll b/java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll
index 05bd9825a58..767b86d4e41 100644
--- a/java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll
@@ -60,6 +60,6 @@ private class SafeSetEndpointIdentificationAlgorithm extends MethodAccess {
     this.getMethod().hasName("setEndpointIdentificationAlgorithm") and
     this.getMethod().getDeclaringType() instanceof SSLParameters and
     not this.getArgument(0) instanceof NullLiteral and
-    not this.getArgument(0).(CompileTimeConstantExpr).getStringValue().length() = 0
+    not this.getArgument(0).(CompileTimeConstantExpr).getStringValue() = ""
   }
 }
diff --git a/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql b/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
index 12f20b40c93..13e1375d164 100644
--- a/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
+++ b/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
@@ -20,4 +20,4 @@ where
   exists(SslEndpointIdentificationFlowConfig config |
     config.hasFlowTo(DataFlow::exprNode(unsafeTrust))
   )
-select unsafeTrust, "Unsafe configuration of trusted certificates"
+select unsafeTrust, "Unsafe configuration of trusted certificates."