Skip to content

Commit 59ce0d7

Browse files
egregius313egregius313
committed
Documentation changes
1 parent 0f4709e commit 59ce0d7

File tree

2 files changed

+2
-8
lines changed

2 files changed

+2
-8
lines changed

java/ql/lib/semmle/code/java/security/InsecureLdapAuth.qll

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ import semmle.code.java.frameworks.Networking
55
import semmle.code.java.frameworks.Jndi
66

77
/**
8-
* Insecure (non-SSL, non-private) LDAP URL string literal.
8+
* An insecure (non-SSL, non-private) LDAP URL string literal.
99
*/
1010
class InsecureLdapUrlLiteral extends StringLiteral {
1111
InsecureLdapUrlLiteral() {
@@ -30,7 +30,7 @@ private string getHostname(Expr expr) {
3030
}
3131

3232
/**
33-
* String concatenated with `InsecureLdapUrlLiteral`.
33+
* An expression that represents an insecure (non-SSL, non-private) LDAP URL.
3434
*/
3535
class InsecureLdapUrl extends Expr {
3636
InsecureLdapUrl() {

java/ql/lib/semmle/code/java/security/InsecureLdapAuthQuery.qll

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -10,10 +10,8 @@ import semmle.code.java.security.InsecureLdapAuth
1010
* A taint-tracking configuration for `ldap://` URL in LDAP authentication.
1111
*/
1212
private module InsecureUrlFlowConfig implements DataFlow::ConfigSig {
13-
/** Source of `ldap://` connection string. */
1413
predicate isSource(DataFlow::Node src) { src.asExpr() instanceof InsecureLdapUrl }
1514

16-
/** Sink of directory context creation. */
1715
predicate isSink(DataFlow::Node sink) {
1816
exists(ConstructorCall cc |
1917
cc.getConstructedType().getAnAncestor() instanceof TypeDirContext and
@@ -37,14 +35,12 @@ module InsecureUrlFlowConfiguration = TaintTracking::Make<InsecureUrlFlowConfig>
3735
* A taint-tracking configuration for `simple` basic-authentication in LDAP configuration.
3836
*/
3937
private module BasicAuthFlowConfig implements DataFlow::ConfigSig {
40-
/** Source of `simple` configuration. */
4138
predicate isSource(DataFlow::Node src) {
4239
exists(MethodAccess ma |
4340
isBasicAuthEnv(ma) and ma.getQualifier() = src.(PostUpdateNode).getPreUpdateNode().asExpr()
4441
)
4542
}
4643

47-
/** Sink of directory context creation. */
4844
predicate isSink(DataFlow::Node sink) {
4945
exists(ConstructorCall cc |
5046
cc.getConstructedType().getAnAncestor() instanceof TypeDirContext and
@@ -59,14 +55,12 @@ module BasicAuthFlowConfiguration = DataFlow::Make<BasicAuthFlowConfig>;
5955
* A taint-tracking configuration for `ssl` configuration in LDAP authentication.
6056
*/
6157
private module SslFlowConfig implements DataFlow::ConfigSig {
62-
/** Source of `ssl` configuration. */
6358
predicate isSource(DataFlow::Node src) {
6459
exists(MethodAccess ma |
6560
isSslEnv(ma) and ma.getQualifier() = src.(PostUpdateNode).getPreUpdateNode().asExpr()
6661
)
6762
}
6863

69-
/** Sink of directory context creation. */
7064
predicate isSink(DataFlow::Node sink) {
7165
exists(ConstructorCall cc |
7266
cc.getConstructedType().getAnAncestor() instanceof TypeDirContext and

0 commit comments

Comments
 (0)