From fc71c6142f6036da8a393deb2e578d53e58c06de Mon Sep 17 00:00:00 2001 From: tombolton Date: Tue, 26 Apr 2022 16:22:17 +0100 Subject: [PATCH] change ATM to Atm for StoredXss and XssThroughDom configs --- .../experimental/adaptivethreatmodeling/StoredXssATM.qll | 8 ++++---- .../adaptivethreatmodeling/XssThroughDomATM.qll | 8 ++++---- .../modelbuilding/extraction/ExtractEndpointData.qll | 4 ++-- .../modelbuilding/extraction/ExtractEndpointMapping.ql | 4 ++-- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/StoredXssATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/StoredXssATM.qll index 6f82279557c..154a153f09d 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/StoredXssATM.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/StoredXssATM.qll @@ -25,8 +25,8 @@ module SinkEndpointFilter { } } -class StoredXssATMConfig extends ATMConfig { - StoredXssATMConfig() { this = "StoredXssATMConfig" } +class StoredXssAtmConfig extends ATMConfig { + StoredXssAtmConfig() { this = "StoredXssAtmConfig" } override predicate isKnownSource(DataFlow::Node source) { source instanceof Source } @@ -43,12 +43,12 @@ class StoredXssATMConfig extends ATMConfig { * A taint-tracking configuration for reasoning about XSS. */ class Configuration extends TaintTracking::Configuration { - Configuration() { this = "StoredXssATMConfig" } + Configuration() { this = "StoredXssAtmConfig" } override predicate isSource(DataFlow::Node source) { source instanceof Source } override predicate isSink(DataFlow::Node sink) { - (sink instanceof Sink or any(StoredXssATMConfig cfg).isEffectiveSink(sink)) + (sink instanceof Sink or any(StoredXssAtmConfig cfg).isEffectiveSink(sink)) } override predicate isSanitizer(DataFlow::Node node) { diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssThroughDomATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssThroughDomATM.qll index 38c5ba45a8f..603ccacf188 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssThroughDomATM.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssThroughDomATM.qll @@ -29,8 +29,8 @@ module SinkEndpointFilter { } } -class XssThroughDOMATMConfig extends ATMConfig { - XssThroughDOMATMConfig() { this = "XssThroughDOMATMConfig" } +class XssThroughDomAtmConfig extends ATMConfig { + XssThroughDomAtmConfig() { this = "XssThroughDomAtmConfig" } override predicate isKnownSource(DataFlow::Node source) { source instanceof Source } @@ -47,12 +47,12 @@ class XssThroughDOMATMConfig extends ATMConfig { * A taint-tracking configuration for reasoning about XSS through the DOM. */ class Configuration extends TaintTracking::Configuration { - Configuration() { this = "XssThroughDOMATMConfig" } + Configuration() { this = "XssThroughDomAtmConfig" } override predicate isSource(DataFlow::Node source) { source instanceof Source } override predicate isSink(DataFlow::Node sink) { - (sink instanceof DomBasedXss::Sink or any(XssThroughDOMATMConfig cfg).isEffectiveSink(sink)) + (sink instanceof DomBasedXss::Sink or any(XssThroughDomAtmConfig cfg).isEffectiveSink(sink)) } override predicate isSanitizer(DataFlow::Node node) { diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointData.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointData.qll index cbc9d929581..118f364b218 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointData.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointData.qll @@ -31,13 +31,13 @@ AtmConfig getAtmCfg(Query query) { or query instanceof SqlInjectionQuery and result instanceof SqlInjectionATM::SqlInjectionAtmConfig or - query instanceof StoredXssQuery and result instanceof StoredXssATM::StoredXssATMConfig + query instanceof StoredXssQuery and result instanceof StoredXssATM::StoredXssAtmConfig or query instanceof TaintedPathQuery and result instanceof TaintedPathATM::TaintedPathATMConfig or query instanceof XssQuery and result instanceof XssATM::DomBasedXssATMConfig or - query instanceof XssThroughDomQuery and result instanceof XssThroughDomATM::XssThroughDOMATMConfig + query instanceof XssThroughDomQuery and result instanceof XssThroughDomATM::XssThroughDomAtmConfig } /** DEPRECATED: Alias for getAtmCfg */ diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql index b93a81c5cfb..feb7d6c12da 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql @@ -22,7 +22,7 @@ where c instanceof SqlInjectionAtm::SqlInjectionAtmConfig or queryName = "StoredXssATM.ql" and - c instanceof StoredXssAtm::StoredXssATMConfig + c instanceof StoredXssAtm::StoredXssAtmConfig or queryName = "TaintedPathInjectionATM.ql" and c instanceof TaintedPathAtm::TaintedPathAtmConfig @@ -30,7 +30,7 @@ where queryName = "XssATM.ql" and c instanceof XssAtm::DomBasedXssAtmConfig or queryName = "XssThroughDomATM.ql" and - c instanceof XssThroughDomAtm::XssThroughDOMATMConfig + c instanceof XssThroughDomAtm::XssThroughDomAtmConfig ) and e = c.getASinkEndpointType() select queryName, e.getEncoding() as endpointTypeEncoded