Import changes

egregius313 · atorralba · egregius313 · commit 24d48591491b · 2023-03-27T12:16:44.000-04:00
Co-authored-by: Tony Torralba &lt;atorralba@users.noreply.github.com&gt;
diff --git a/java/ql/lib/semmle/code/java/security/InsecureLdapAuthQuery.qll b/java/ql/lib/semmle/code/java/security/InsecureLdapAuthQuery.qll
@@ -1,9 +1,9 @@
 /** Provides dataflow configurations to reason about insecure LDAP authentication. */
 
 import java
-import DataFlow
 import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.TaintTracking
+import semmle.code.java.frameworks.Jndi
 import semmle.code.java.security.InsecureLdapAuth
 
 /**
@@ -37,7 +37,7 @@ module InsecureLdapUrlFlow = TaintTracking::Make<InsecureLdapUrlConfig>;
 private module BasicAuthConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node src) {
     exists(MethodAccess ma |
-      isBasicAuthEnv(ma) and ma.getQualifier() = src.(PostUpdateNode).getPreUpdateNode().asExpr()
+      isBasicAuthEnv(ma) and ma.getQualifier() = src.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr()
     )
   }
 
@@ -57,7 +57,7 @@ module BasicAuthFlow = DataFlow::Make<BasicAuthConfig>;
 private module RequiresSslConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node src) {
     exists(MethodAccess ma |
-      isSslEnv(ma) and ma.getQualifier() = src.(PostUpdateNode).getPreUpdateNode().asExpr()
+      isSslEnv(ma) and ma.getQualifier() = src.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr()
     )
   }
 

Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,9 @@`
`1`	`1`	`/** Provides dataflow configurations to reason about insecure LDAP authentication. */`
`2`	`2`
`3`	`3`	`import java`
`4`		`-import DataFlow`
`5`	`4`	`import semmle.code.java.dataflow.DataFlow`
`6`	`5`	`import semmle.code.java.dataflow.TaintTracking`
	`6`	`+import semmle.code.java.frameworks.Jndi`
`7`	`7`	`import semmle.code.java.security.InsecureLdapAuth`
`8`	`8`
`9`	`9`	`/**`
`@@ -37,7 +37,7 @@ module InsecureLdapUrlFlow = TaintTracking::Make<InsecureLdapUrlConfig>;`
`37`	`37`	`private module BasicAuthConfig implements DataFlow::ConfigSig {`
`38`	`38`	`predicate isSource(DataFlow::Node src) {`
`39`	`39`	`exists(MethodAccess ma \|`
`40`		`- isBasicAuthEnv(ma) and ma.getQualifier() = src.(PostUpdateNode).getPreUpdateNode().asExpr()`
	`40`	`+ isBasicAuthEnv(ma) and ma.getQualifier() = src.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr()`
`41`	`41`	`)`
`42`	`42`	`}`
`43`	`43`
`@@ -57,7 +57,7 @@ module BasicAuthFlow = DataFlow::Make<BasicAuthConfig>;`
`57`	`57`	`private module RequiresSslConfig implements DataFlow::ConfigSig {`
`58`	`58`	`predicate isSource(DataFlow::Node src) {`
`59`	`59`	`exists(MethodAccess ma \|`
`60`		`- isSslEnv(ma) and ma.getQualifier() = src.(PostUpdateNode).getPreUpdateNode().asExpr()`
	`60`	`+ isSslEnv(ma) and ma.getQualifier() = src.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr()`
`61`	`61`	`)`
`62`	`62`	`}`
`63`	`63`