Add missing QLDocs

egregius313 · egregius313 · commit 1c661fd3acdb · 2023-03-20T08:10:07.000-04:00
diff --git a/java/ql/lib/semmle/code/java/security/XxeLocalQuery.qll b/java/ql/lib/semmle/code/java/security/XxeLocalQuery.qll
@@ -24,6 +24,9 @@ deprecated class XxeLocalConfig extends TaintTracking::Configuration {
   }
 }
 
+/**
+ * A taint-tracking configuration for unvalidated local user input that is used in XML external entity expansion.
+ */
 module XxeLocalConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node src) { src instanceof LocalUserInput }
 
@@ -36,4 +39,7 @@ module XxeLocalConfig implements DataFlow::ConfigSig {
   }
 }
 
+/**
+ * Detect taint flow of unvalidated local user input that is used in XML external entity expansion.
+ */
 module XxeLocalFlow = TaintTracking::Make<XxeLocalConfig>;
diff --git a/java/ql/lib/semmle/code/java/security/XxeRemoteQuery.qll b/java/ql/lib/semmle/code/java/security/XxeRemoteQuery.qll
@@ -24,6 +24,9 @@ deprecated class XxeConfig extends TaintTracking::Configuration {
   }
 }
 
+/**
+ * A taint-tracking configuration for unvalidated remote user input that is used in XML external entity expansion.
+ */
 module XxeConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node src) { src instanceof RemoteFlowSource }
 
@@ -36,4 +39,7 @@ module XxeConfig implements DataFlow::ConfigSig {
   }
 }
 
+/**
+ * Detect taint flow of unvalidated remote user input that is used in XML external entity expansion.
+ */
 module XxeFlow = TaintTracking::Make<XxeConfig>;

Original file line number	Diff line number	Diff line change
`@@ -24,6 +24,9 @@ deprecated class XxeLocalConfig extends TaintTracking::Configuration {`
`24`	`24`	`}`
`25`	`25`	`}`
`26`	`26`
	`27`	`+/**`
	`28`	`+ * A taint-tracking configuration for unvalidated local user input that is used in XML external entity expansion.`
	`29`	`+ */`
`27`	`30`	`module XxeLocalConfig implements DataFlow::ConfigSig {`
`28`	`31`	`predicate isSource(DataFlow::Node src) { src instanceof LocalUserInput }`
`29`	`32`
`@@ -36,4 +39,7 @@ module XxeLocalConfig implements DataFlow::ConfigSig {`
`36`	`39`	`}`
`37`	`40`	`}`
`38`	`41`
	`42`	`+/**`
	`43`	`+ * Detect taint flow of unvalidated local user input that is used in XML external entity expansion.`
	`44`	`+ */`
`39`	`45`	`module XxeLocalFlow = TaintTracking::Make<XxeLocalConfig>;`
Original file line number	Diff line number	Diff line change
`@@ -24,6 +24,9 @@ deprecated class XxeConfig extends TaintTracking::Configuration {`
`24`	`24`	`}`
`25`	`25`	`}`
`26`	`26`
	`27`	`+/**`
	`28`	`+ * A taint-tracking configuration for unvalidated remote user input that is used in XML external entity expansion.`
	`29`	`+ */`
`27`	`30`	`module XxeConfig implements DataFlow::ConfigSig {`
`28`	`31`	`predicate isSource(DataFlow::Node src) { src instanceof RemoteFlowSource }`
`29`	`32`
`@@ -36,4 +39,7 @@ module XxeConfig implements DataFlow::ConfigSig {`
`36`	`39`	`}`
`37`	`40`	`}`
`38`	`41`
	`42`	`+/**`
	`43`	`+ * Detect taint flow of unvalidated remote user input that is used in XML external entity expansion.`
	`44`	`+ */`
`39`	`45`	`module XxeFlow = TaintTracking::Make<XxeConfig>;`