Fix qldoc grammar and style mistakes

rvermeulen · intrigus-lgtm · web-flow · commit 3ae3a879d249 · 2020-08-06T23:00:03.000+02:00
Co-authored-by: intrigus-lgtm &lt;60750685+intrigus-lgtm@users.noreply.github.com&gt;
diff --git a/java/ql/src/semmle/code/java/security/LdapInjection.qll b/java/ql/src/semmle/code/java/security/LdapInjection.qll
@@ -16,12 +16,12 @@ abstract class LdapInjectionSanitizer extends DataFlow::Node { }
 /**
  * A unit class for adding additional taint steps.
  *
- * Extend this class to add additional taint steps that should apply to the LdapInjectionFlowConfig.
+ * Extend this class to add additional taint steps that should apply to the `LdapInjectionFlowConfig`.
  */
 class LdapInjectionAdditionalTaintStep extends TaintTracking::Unit {
   /**
    * Holds if the step from `node1` to `node2` should be considered a taint
-   * step for the LdapInjectionFlowConfig configuration.
+   * step for the `LdapInjectionFlowConfig` configuration.
    */
   abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
 }
@@ -37,22 +37,22 @@ private class DefaultLdapInjectionSink extends LdapInjectionSink {
   }
 }
 
-/** Holds if the method parameter at index is susceptible to a LDAP injection attack. */
+/** Holds if the method parameter at `index` is susceptible to an LDAP injection attack. */
 private predicate ldapInjectionSinkMethod(Method m, int index) {
   jndiLdapInjectionSinkMethod(m, index) or
   unboundIdLdapInjectionSinkMethod(m, index) or
   springLdapInjectionSinkMethod(m, index) or
   apacheLdapInjectionSinkMethod(m, index)
 }
 
-/** Holds if the JNDI method parameter at index is susceptible to a LDAP injection attack. */
+/** Holds if the JNDI method parameter at `index` is susceptible to an LDAP injection attack. */
 private predicate jndiLdapInjectionSinkMethod(Method m, int index) {
   m.getDeclaringType().getAnAncestor() instanceof TypeDirContext and
   m.hasName("search") and
   index in [0 .. 1]
 }
 
-/** Holds if the UnboundID method parameter at `index` is susceptible to a LDAP injection attack. */
+/** Holds if the UnboundID method parameter at `index` is susceptible to an LDAP injection attack. */
 private predicate unboundIdLdapInjectionSinkMethod(Method m, int index) {
   exists(Parameter param | m.getParameter(index) = param and not param.isVarargs() |
     m instanceof MethodUnboundIdLDAPConnectionSearch or
@@ -61,7 +61,7 @@ private predicate unboundIdLdapInjectionSinkMethod(Method m, int index) {
   )
 }
 
-/** Holds if the Spring method parameter at `index` is susceptible to a LDAP injection attack. */
+/** Holds if the Spring method parameter at `index` is susceptible to an LDAP injection attack. */
 private predicate springLdapInjectionSinkMethod(Method m, int index) {
   // LdapTemplate.authenticate, LdapTemplate.find* or LdapTemplate.search* method
   (
@@ -84,15 +84,15 @@ private predicate springLdapInjectionSinkMethod(Method m, int index) {
   )
 }
 
-/** Holds if the Apache LDAP API method parameter at `index` is susceptible to a LDAP injection attack. */
+/** Holds if the Apache LDAP API method parameter at `index` is susceptible to an LDAP injection attack. */
 private predicate apacheLdapInjectionSinkMethod(Method m, int index) {
   exists(Parameter param | m.getParameter(index) = param and not param.isVarargs() |
     m.getDeclaringType().getAnAncestor() instanceof TypeApacheLdapConnection and
     m.hasName("search")
   )
 }
 
-/** A sanitizer that clears the taint on (boxed) primitive types */
+/** A sanitizer that clears the taint on (boxed) primitive types. */
 private class DefaultLdapSanitizer extends LdapInjectionSanitizer {
   DefaultLdapSanitizer() {
     this.getType() instanceof PrimitiveType or

Original file line number	Diff line number	Diff line change
`@@ -16,12 +16,12 @@ abstract class LdapInjectionSanitizer extends DataFlow::Node { }`
`16`	`16`	`/**`
`17`	`17`	`* A unit class for adding additional taint steps.`
`18`	`18`	`*`
`19`		`- * Extend this class to add additional taint steps that should apply to the LdapInjectionFlowConfig.`
	`19`	+ * Extend this class to add additional taint steps that should apply to the `LdapInjectionFlowConfig`.
`20`	`20`	`*/`
`21`	`21`	`class LdapInjectionAdditionalTaintStep extends TaintTracking::Unit {`
`22`	`22`	`/**`
`23`	`23`	* Holds if the step from `node1` to `node2` should be considered a taint
`24`		`- * step for the LdapInjectionFlowConfig configuration.`
	`24`	+ * step for the `LdapInjectionFlowConfig` configuration.
`25`	`25`	`*/`
`26`	`26`	`abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);`
`27`	`27`	`}`
`@@ -37,22 +37,22 @@ private class DefaultLdapInjectionSink extends LdapInjectionSink {`
`37`	`37`	`}`
`38`	`38`	`}`
`39`	`39`
`40`		`-/** Holds if the method parameter at index is susceptible to a LDAP injection attack. */`
	`40`	+/** Holds if the method parameter at `index` is susceptible to an LDAP injection attack. */
`41`	`41`	`private predicate ldapInjectionSinkMethod(Method m, int index) {`
`42`	`42`	`jndiLdapInjectionSinkMethod(m, index) or`
`43`	`43`	`unboundIdLdapInjectionSinkMethod(m, index) or`
`44`	`44`	`springLdapInjectionSinkMethod(m, index) or`
`45`	`45`	`apacheLdapInjectionSinkMethod(m, index)`
`46`	`46`	`}`
`47`	`47`
`48`		`-/** Holds if the JNDI method parameter at index is susceptible to a LDAP injection attack. */`
	`48`	+/** Holds if the JNDI method parameter at `index` is susceptible to an LDAP injection attack. */
`49`	`49`	`private predicate jndiLdapInjectionSinkMethod(Method m, int index) {`
`50`	`50`	`m.getDeclaringType().getAnAncestor() instanceof TypeDirContext and`
`51`	`51`	`m.hasName("search") and`
`52`	`52`	`index in [0 .. 1]`
`53`	`53`	`}`
`54`	`54`
`55`		-/** Holds if the UnboundID method parameter at `index` is susceptible to a LDAP injection attack. */
	`55`	+/** Holds if the UnboundID method parameter at `index` is susceptible to an LDAP injection attack. */
`56`	`56`	`private predicate unboundIdLdapInjectionSinkMethod(Method m, int index) {`
`57`	`57`	`exists(Parameter param \| m.getParameter(index) = param and not param.isVarargs() \|`
`58`	`58`	`m instanceof MethodUnboundIdLDAPConnectionSearch or`
`@@ -61,7 +61,7 @@ private predicate unboundIdLdapInjectionSinkMethod(Method m, int index) {`
`61`	`61`	`)`
`62`	`62`	`}`
`63`	`63`
`64`		-/** Holds if the Spring method parameter at `index` is susceptible to a LDAP injection attack. */
	`64`	+/** Holds if the Spring method parameter at `index` is susceptible to an LDAP injection attack. */
`65`	`65`	`private predicate springLdapInjectionSinkMethod(Method m, int index) {`
`66`	`66`	`// LdapTemplate.authenticate, LdapTemplate.find* or LdapTemplate.search* method`
`67`	`67`	`(`
`@@ -84,15 +84,15 @@ private predicate springLdapInjectionSinkMethod(Method m, int index) {`
`84`	`84`	`)`
`85`	`85`	`}`
`86`	`86`
`87`		-/** Holds if the Apache LDAP API method parameter at `index` is susceptible to a LDAP injection attack. */
	`87`	+/** Holds if the Apache LDAP API method parameter at `index` is susceptible to an LDAP injection attack. */
`88`	`88`	`private predicate apacheLdapInjectionSinkMethod(Method m, int index) {`
`89`	`89`	`exists(Parameter param \| m.getParameter(index) = param and not param.isVarargs() \|`
`90`	`90`	`m.getDeclaringType().getAnAncestor() instanceof TypeApacheLdapConnection and`
`91`	`91`	`m.hasName("search")`
`92`	`92`	`)`
`93`	`93`	`}`
`94`	`94`
`95`		`-/** A sanitizer that clears the taint on (boxed) primitive types */`
	`95`	`+/** A sanitizer that clears the taint on (boxed) primitive types. */`
`96`	`96`	`private class DefaultLdapSanitizer extends LdapInjectionSanitizer {`
`97`	`97`	`DefaultLdapSanitizer() {`
`98`	`98`	`this.getType() instanceof PrimitiveType or`