From 77d4af153dce1d38d687cf3086a3552f74e00277 Mon Sep 17 00:00:00 2001 From: Alex Eyers-Taylor Date: Thu, 25 Sep 2025 17:20:33 +0100 Subject: [PATCH] Java: Make some query libraries local. --- .../lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll | 1 + .../code/java/security/StaticInitializationVectorQuery.qll | 1 + java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll | 1 + 3 files changed, 3 insertions(+) diff --git a/java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll b/java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll index 4f9e39b23f2d..0c1f14c902b6 100644 --- a/java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll +++ b/java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll @@ -12,6 +12,7 @@ private class ShortStringLiteral extends StringLiteral { /** * A string literal that may refer to a broken or risky cryptographic algorithm. */ +overlay[local?] class BrokenAlgoLiteral extends ShortStringLiteral { BrokenAlgoLiteral() { this.getValue().regexpMatch(getInsecureAlgorithmRegex()) and diff --git a/java/ql/lib/semmle/code/java/security/StaticInitializationVectorQuery.qll b/java/ql/lib/semmle/code/java/security/StaticInitializationVectorQuery.qll index 282133ec5c67..a03775990541 100644 --- a/java/ql/lib/semmle/code/java/security/StaticInitializationVectorQuery.qll +++ b/java/ql/lib/semmle/code/java/security/StaticInitializationVectorQuery.qll @@ -33,6 +33,7 @@ private class StaticByteArrayCreation extends ArrayCreationExpr { } /** An expression that updates `array`. */ +overlay[local?] private class ArrayUpdate extends Expr { Expr array; diff --git a/java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll b/java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll index 7234b4c788f5..895e824b3dbd 100644 --- a/java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll +++ b/java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll @@ -69,6 +69,7 @@ private class FollowsBarrierPrefix extends UrlForwardBarrier { FollowsBarrierPrefix() { this.asExpr() = any(BarrierPrefix fp).getAnAppendedExpression() } } +overlay[local?] private class BarrierPrefix extends InterestingPrefix { int offset;