Skip to content

Commit eceb5b2

Browse files
committed
Java: TempDirLocalInformationDisclosure
1 parent 098cea4 commit eceb5b2

File tree

1 file changed

+5
-7
lines changed

1 file changed

+5
-7
lines changed

java/ql/lib/semmle/code/java/security/TempDirLocalInformationDisclosureQuery.qll

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -146,17 +146,15 @@ module TempDirSystemGetPropertyToCreateConfig implements DataFlow::ConfigSig {
146146
sanitizer instanceof WindowsOsSanitizer
147147
}
148148

149-
predicate observeDiffInformedIncrementalMode() {
150-
any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 56 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql@67:8:67:23), Column 5 does not select a source or sink originating from the flow call on line 56 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql@67:49:67:64)
151-
}
149+
predicate observeDiffInformedIncrementalMode() { any() }
152150

153151
Location getASelectedSourceLocation(DataFlow::Node source) {
154-
none() // TODO: Make sure that this source location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 56 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql@67:8:67:23), Column 5 does not select a source or sink originating from the flow call on line 56 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql@67:49:67:64)
152+
result = source.getLocation()
153+
or
154+
result = any(MethodCallInsecureFileCreation m).getLocation()
155155
}
156156

157-
Location getASelectedSinkLocation(DataFlow::Node sink) {
158-
none() // TODO: Make sure that this sink location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 56 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql@67:8:67:23), Column 5 does not select a source or sink originating from the flow call on line 56 (/Users/d10c/src/semmle-code/ql/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql@67:49:67:64)
159-
}
157+
Location getASelectedSinkLocation(DataFlow::Node sink) { none() }
160158
}
161159

162160
/**

0 commit comments

Comments
 (0)