Java: ArithmeticUncontrolled

Author: d10c

java/ql/lib/semmle/code/java/security/ArithmeticUncontrolledQuery.qll

@@ -21,15 +21,11 @@ module ArithmeticUncontrolledOverflowConfig implements DataFlow::ConfigSig {
   predicate isBarrier(DataFlow::Node n) { overflowBarrier(n) }
 
   predicate observeDiffInformedIncrementalMode() {
-    any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 29 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@36:8:36:10), Column 5 does not select a source or sink originating from the flow call on line 29 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@38:3:38:18)
-  }
-
-  Location getASelectedSourceLocation(DataFlow::Node source) {
-    none() // TODO: Make sure that this source location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 29 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@36:8:36:10), Column 5 does not select a source or sink originating from the flow call on line 29 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@38:3:38:18)
+    any() // merged with ArithmeticUncontrolledUnderflow in ArithmeticUncontrolled.ql
   }
 
   Location getASelectedSinkLocation(DataFlow::Node sink) {
-    none() // TODO: Make sure that this sink location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 29 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@36:8:36:10), Column 5 does not select a source or sink originating from the flow call on line 29 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@38:3:38:18)
+    exists(ArithExpr exp | result = exp.getLocation() | overflowSink(exp, sink.asExpr()))
   }
 }
 
@@ -46,15 +42,11 @@ module ArithmeticUncontrolledUnderflowConfig implements DataFlow::ConfigSig {
   predicate isBarrier(DataFlow::Node n) { underflowBarrier(n) }
 
   predicate observeDiffInformedIncrementalMode() {
-    any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 33 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@36:8:36:10), Column 5 does not select a source or sink originating from the flow call on line 33 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@38:3:38:18)
-  }
-
-  Location getASelectedSourceLocation(DataFlow::Node source) {
-    none() // TODO: Make sure that this source location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 33 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@36:8:36:10), Column 5 does not select a source or sink originating from the flow call on line 33 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@38:3:38:18)
+    any() // merged with ArithmeticUncontrolledOverflow in ArithmeticUncontrolled.ql
   }
 
   Location getASelectedSinkLocation(DataFlow::Node sink) {
-    none() // TODO: Make sure that this sink location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 33 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@36:8:36:10), Column 5 does not select a source or sink originating from the flow call on line 33 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql@38:3:38:18)
+    exists(ArithExpr exp | result = exp.getLocation() | underflowSink(exp, sink.asExpr()))
   }
 }