Simplification

Author: atorralba

java/ql/lib/semmle/code/java/security/AndroidCertificatePinningQuery.qll

@@ -110,7 +110,7 @@ private class UntrustedUrlConfig extends TaintTracking::Configuration {
   UntrustedUrlConfig() { this = "UntrustedUrlConfig" }
 
   override predicate isSource(DataFlow::Node node) {
-    exists(string d | trustedDomain(d)) and
+    trustedDomain(_) and
     exists(string lit | lit = node.asExpr().(CompileTimeConstantExpr).getStringValue() |
       lit.matches("%://%") and // it's a URL
       not exists(string dom | trustedDomain(dom) and lit.matches("%" + dom + "%"))
@@ -125,8 +125,7 @@ predicate missingPinning(DataFlow::Node node, string domain) {
   isAndroid() and
   node instanceof MissingPinningSink and
   (
-    not exists(string s | trustedDomain(s)) and
-    domain = ""
+    not trustedDomain(_) and domain = ""
     or
     exists(UntrustedUrlConfig conf, DataFlow::Node src |
       conf.hasFlow(src, node) and

java/ql/test/query-tests/security/CWE-295/AndroidMissingCertificatePinning/Test1/test.ql

@@ -13,11 +13,7 @@ class Test extends InlineExpectationsTest {
       loc = node.getLocation() and
       el = node.toString() and
       value = "" and
-      (
-        if exists(string x | trustedDomain(x))
-        then tag = "hasUntrustedResult"
-        else tag = "hasNoTrustedResult"
-      )
+      if trustedDomain(_) then tag = "hasUntrustedResult" else tag = "hasNoTrustedResult"
     )
   }
 }