Rename UntrustedFlowAsSource to RemoteFlowAsSource

Author: owen-mc

go/ql/lib/semmle/go/security/CommandInjectionCustomizations.qll

@@ -30,7 +30,7 @@ module CommandInjection {
   abstract class Sanitizer extends DataFlow::Node { }
 
   /** A source of untrusted data, considered as a taint source for command injection. */
-  class UntrustedFlowAsSource extends Source instanceof RemoteFlowSource { }
+  class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { }
 
   /** A command name, considered as a taint sink for command injection. */
   class CommandNameAsSink extends Sink {

go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll

@@ -26,7 +26,7 @@ module LogInjection {
   abstract class Sanitizer extends DataFlow::Node { }
 
   /** A source of untrusted data, considered as a taint source for log injection. */
-  class UntrustedFlowAsSource extends Source instanceof RemoteFlowSource { }
+  class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { }
 
   /** An argument to a logging mechanism. */
   class LoggerSink extends Sink {

go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll

@@ -45,8 +45,8 @@ module OpenUrlRedirect {
   /**
    * A source of third-party user input, considered as a flow source for URL redirects.
    */
-  class UntrustedFlowAsSource extends Source, RemoteFlowSource {
-    UntrustedFlowAsSource() {
+  class RemoteFlowAsSource extends Source, RemoteFlowSource {
+    RemoteFlowAsSource() {
       // exclude some fields and methods of URLs that are generally not attacker-controllable for
       // open redirect exploits
       not this instanceof Http::Redirect::UnexploitableSource

go/ql/lib/semmle/go/security/ReflectedXssCustomizations.qll

@@ -37,7 +37,7 @@ module ReflectedXss {
   /**
    * A third-party controllable input, considered as a flow source for reflected XSS.
    */
-  class UntrustedFlowAsSource extends Source, RemoteFlowSource { }
+  class RemoteFlowAsSource extends Source, RemoteFlowSource { }
 
   /** An arbitrary XSS sink, considered as a flow sink for stored XSS. */
   private class AnySink extends Sink instanceof SharedXss::Sink { }

go/ql/lib/semmle/go/security/RequestForgeryCustomizations.qll

@@ -35,7 +35,7 @@ module RequestForgery {
   /**
    * A third-party controllable input, considered as a flow source for request forgery.
    */
-  class UntrustedFlowAsSource extends Source, RemoteFlowSource { }
+  class RemoteFlowAsSource extends Source, RemoteFlowSource { }
 
   /**
    * The URL of an HTTP request, viewed as a sink for request forgery.

go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll

@@ -26,7 +26,7 @@ module SqlInjection {
   abstract class Sanitizer extends DataFlow::Node { }
 
   /** A source of untrusted data, considered as a taint source for SQL injection. */
-  class UntrustedFlowAsSource extends Source instanceof RemoteFlowSource { }
+  class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { }
 
   /** An SQL string, considered as a taint sink for SQL injection. */
   class SqlQueryAsSink extends Sink instanceof SQL::QueryString { }

go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll

@@ -45,7 +45,7 @@ module TaintedPath {
   }
 
   /** A source of untrusted data, considered as a taint source for path traversal. */
-  class UntrustedFlowAsSource extends Source instanceof RemoteFlowSource { }
+  class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { }
 
   /** A path expression, considered as a taint sink for path traversal. */
   class PathAsSink extends Sink {

go/ql/lib/semmle/go/security/UncontrolledAllocationSizeCustomizations.qll

@@ -21,7 +21,7 @@ module UncontrolledAllocationSize {
   abstract class Sanitizer extends DataFlow::Node { }
 
   /** A source of untrusted data, considered as a taint source for uncontrolled size allocation vulnerabilities. */
-  private class UntrustedFlowAsSource extends Source instanceof RemoteFlowSource { }
+  private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { }
 
   /** The size argument of a memory allocation function. */
   private class AllocationSizeAsSink extends Sink instanceof AllocationSizeOverflow::AllocationSize {

go/ql/lib/semmle/go/security/XPathInjectionCustomizations.qll

@@ -25,7 +25,7 @@ module XPathInjection {
   abstract class Sanitizer extends DataFlow::ExprNode { }
 
   /** A source of untrusted data, used in an XPath expression. */
-  class UntrustedFlowAsSource extends Source instanceof RemoteFlowSource { }
+  class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { }
 
   /** An XPath expression string, considered as a taint sink for XPath injection. */
   class XPathExpressionStringAsSink extends Sink instanceof XPath::XPathExpressionString { }

go/ql/src/experimental/CWE-74/DsnInjection.ql

@@ -14,7 +14,7 @@ import DsnInjectionCustomizations
 import DsnInjectionFlow::PathGraph
 
 /** An untrusted flow source taken as a source for the `DsnInjection` taint-flow configuration. */
-private class UntrustedFlowAsSource extends Source instanceof RemoteFlowSource { }
+private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { }
 
 from DsnInjectionFlow::PathNode source, DsnInjectionFlow::PathNode sink
 where DsnInjectionFlow::flowPath(source, sink)