@@ -12,12 +12,7 @@ import semmle.code.java.security.InsecureLdapAuth
12
12
private module InsecureLdapUrlConfig implements DataFlow:: ConfigSig {
13
13
predicate isSource ( DataFlow:: Node src ) { src .asExpr ( ) instanceof InsecureLdapUrl }
14
14
15
- predicate isSink ( DataFlow:: Node sink ) {
16
- exists ( ConstructorCall cc |
17
- cc .getConstructedType ( ) .getAnAncestor ( ) instanceof TypeDirContext and
18
- sink .asExpr ( ) = cc .getArgument ( 0 )
19
- )
20
- }
15
+ predicate isSink ( DataFlow:: Node sink ) { sink instanceof InsecureLdapUrlSink }
21
16
22
17
/** Method call of `env.put()`. */
23
18
predicate isAdditionalFlowStep ( DataFlow:: Node pred , DataFlow:: Node succ ) {
@@ -37,16 +32,12 @@ module InsecureLdapUrlFlow = TaintTracking::Make<InsecureLdapUrlConfig>;
37
32
private module BasicAuthConfig implements DataFlow:: ConfigSig {
38
33
predicate isSource ( DataFlow:: Node src ) {
39
34
exists ( MethodAccess ma |
40
- isBasicAuthEnv ( ma ) and ma .getQualifier ( ) = src .( DataFlow:: PostUpdateNode ) .getPreUpdateNode ( ) .asExpr ( )
35
+ isBasicAuthEnv ( ma ) and
36
+ ma .getQualifier ( ) = src .( DataFlow:: PostUpdateNode ) .getPreUpdateNode ( ) .asExpr ( )
41
37
)
42
38
}
43
39
44
- predicate isSink ( DataFlow:: Node sink ) {
45
- exists ( ConstructorCall cc |
46
- cc .getConstructedType ( ) .getAnAncestor ( ) instanceof TypeDirContext and
47
- sink .asExpr ( ) = cc .getArgument ( 0 )
48
- )
49
- }
40
+ predicate isSink ( DataFlow:: Node sink ) { sink instanceof InsecureLdapUrlSink }
50
41
}
51
42
52
43
module BasicAuthFlow = DataFlow:: Make< BasicAuthConfig > ;
@@ -57,16 +48,12 @@ module BasicAuthFlow = DataFlow::Make<BasicAuthConfig>;
57
48
private module RequiresSslConfig implements DataFlow:: ConfigSig {
58
49
predicate isSource ( DataFlow:: Node src ) {
59
50
exists ( MethodAccess ma |
60
- isSslEnv ( ma ) and ma .getQualifier ( ) = src .( DataFlow:: PostUpdateNode ) .getPreUpdateNode ( ) .asExpr ( )
51
+ isSslEnv ( ma ) and
52
+ ma .getQualifier ( ) = src .( DataFlow:: PostUpdateNode ) .getPreUpdateNode ( ) .asExpr ( )
61
53
)
62
54
}
63
55
64
- predicate isSink ( DataFlow:: Node sink ) {
65
- exists ( ConstructorCall cc |
66
- cc .getConstructedType ( ) .getAnAncestor ( ) instanceof TypeDirContext and
67
- sink .asExpr ( ) = cc .getArgument ( 0 )
68
- )
69
- }
56
+ predicate isSink ( DataFlow:: Node sink ) { sink instanceof InsecureLdapUrlSink }
70
57
}
71
58
72
59
module RequiresSslFlow = DataFlow:: Make< RequiresSslConfig > ;
0 commit comments