Apply suggestions from code review

atorralba · aschackmull · web-flow · commit 989afb446e5b · 2021-08-04T14:07:10.000+02:00
Co-authored-by: Anders Schack-Mulligen &lt;aschackmull@users.noreply.github.com&gt;
diff --git a/java/ql/src/semmle/code/java/security/JndiInjectionQuery.qll b/java/ql/src/semmle/code/java/security/JndiInjectionQuery.qll
@@ -40,20 +40,20 @@ private class UnsafeSearchControlsSink extends JndiInjectionSink {
 
 /**
  * Find flows between a `SearchControls` object with `setReturningObjFlag` = `true`
- * and an argument of a `LdapOperations.search` or `DirContext.search` call.
+ * and an argument of an `LdapOperations.search` or `DirContext.search` call.
  */
 private class UnsafeSearchControlsConf extends DataFlow2::Configuration {
   UnsafeSearchControlsConf() { this = "UnsafeSearchControlsConf" }
 
-  override predicate isSource(DataFlow2::Node source) { source instanceof UnsafeSearchControls }
+  override predicate isSource(DataFlow::Node source) { source instanceof UnsafeSearchControls }
 
-  override predicate isSink(DataFlow2::Node sink) { sink instanceof UnsafeSearchControlsArgument }
+  override predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeSearchControlsArgument }
 }
 
 /**
- * An argument of type `SearchControls` of a a `LdapOperations.search` or `DirContext.search` call.
+ * An argument of type `SearchControls` of an `LdapOperations.search` or `DirContext.search` call.
  */
-private class UnsafeSearchControlsArgument extends DataFlow2::ExprNode {
+private class UnsafeSearchControlsArgument extends DataFlow::ExprNode {
   UnsafeSearchControlsArgument() {
     exists(MethodAccess ma, Method m |
       ma.getMethod() = m and
@@ -70,7 +70,7 @@ private class UnsafeSearchControlsArgument extends DataFlow2::ExprNode {
 /**
  * A `SearchControls` object with `setReturningObjFlag` = `true`.
  */
-private class UnsafeSearchControls extends DataFlow2::ExprNode {
+private class UnsafeSearchControls extends DataFlow::ExprNode {
   UnsafeSearchControls() {
     exists(MethodAccess ma |
       ma.getMethod() instanceof SetReturningObjFlagMethod and
@@ -95,8 +95,3 @@ private class SetReturningObjFlagMethod extends Method {
     this.hasName("setReturningObjFlag")
   }
 }
-
-/** The class `java.util.Hashtable`. */
-private class TypeHashtable extends Class {
-  TypeHashtable() { this.getSourceDeclaration().hasQualifiedName("java.util", "Hashtable") }
-}
diff --git a/java/ql/test/query-tests/security/CWE-074/JndiInjectionTest.ql b/java/ql/test/query-tests/security/CWE-074/JndiInjectionTest.ql
@@ -1,6 +1,4 @@
 import java
-import semmle.code.java.dataflow.TaintTracking
-import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.security.JndiInjectionQuery
 import TestUtilities.InlineExpectationsTest
 
