Skip to content

Commit 1a072f3

Browse files
luchua-bcluchua-bc
committed
Move APIs from predicates flagged auto-generated to the other section
1 parent 9ef58e3 commit 1a072f3

File tree

1 file changed

+6
-7
lines changed

1 file changed

+6
-7
lines changed

java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -129,9 +129,7 @@ private predicate javaApiCallablePasswordParam(string s) {
129129
s = "sun.tools.jconsole.ProxyClient;ProxyClient(String, int, String, String);3" or
130130
s = "sun.tools.jconsole.ProxyClient;getProxyClient(String, int, String, String);3" or
131131
s = "sun.tools.jconsole.ProxyClient;getProxyClient(String, String, String);2" or
132-
s = "sun.tools.jconsole.ProxyClient;getCacheKey(String, int, String, String);3" or
133-
s = "com.amazonaws.auth.BasicAWSCredentials;BasicAWSCredentials(String, String);1" or
134-
s = "com.azure.identity.UsernamePasswordCredentialBuilder;password(String);0"
132+
s = "sun.tools.jconsole.ProxyClient;getCacheKey(String, int, String, String);3"
135133
}
136134

137135
/**
@@ -202,9 +200,7 @@ private predicate javaApiCallableUsernameParam(string s) {
202200
s = "sun.tools.jconsole.ProxyClient;getProxyClient(String, String, String);1" or
203201
s = "sun.tools.jconsole.ProxyClient;getConnectionName(String, String);1" or
204202
s = "sun.tools.jconsole.ProxyClient;getProxyClient(String, int, String, String);2" or
205-
s = "sun.tools.jconsole.ProxyClient;getConnectionName(String, int, String);2" or
206-
s = "com.amazonaws.auth.BasicAWSCredentials;BasicAWSCredentials(String, String);0" or
207-
s = "com.azure.identity.UsernamePasswordCredentialBuilder;username(String);0"
203+
s = "sun.tools.jconsole.ProxyClient;getConnectionName(String, int, String);2"
208204
}
209205

210206
/**
@@ -513,6 +509,9 @@ private predicate otherApiCallableCredentialParam(string s) {
513509
"org.springframework.security.core.userdetails.User;User(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>);0" or
514510
s =
515511
"org.springframework.security.core.userdetails.User;User(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>);1" or
512+
s = "com.amazonaws.auth.BasicAWSCredentials;BasicAWSCredentials(String, String);0" or
513+
s = "com.amazonaws.auth.BasicAWSCredentials;BasicAWSCredentials(String, String);1" or
514+
s = "com.azure.identity.UsernamePasswordCredentialBuilder;username(String);0" or
515+
s = "com.azure.identity.UsernamePasswordCredentialBuilder;password(String);0" or
516516
s = "com.azure.identity.ClientSecretCredentialBuilder;clientSecret(String);0"
517-
518517
}

0 commit comments

Comments
 (0)