Typos and rewording

egregius313 · atorralba · web-flow · commit 8250e4393c43 · 2023-03-30T10:59:12.000-04:00
Co-authored-by: Tony Torralba &lt;atorralba@users.noreply.github.com&gt;
diff --git a/java/ql/lib/change-notes/2023-03-29-moved-configurations-for-queries.md b/java/ql/lib/change-notes/2023-03-29-moved-configurations-for-queries.md
@@ -3,7 +3,7 @@ category: minorAnalysis
 ---
 * Added the `TaintedPathQuery.qll` library to provide the `TaintedPathFlow` and `TaintedPathLocalFlow` taint-tracking modules to reason about tainted path vulnerabilities.
 * Added the `ZipSlipQuery.qll` library to provide the `ZipSlipFlow` taint-tracking module to reason about zip-slip vulnerabilities.
-* Added the `InsecureBeanValidationQuery.qll` library to provide the `BeanValidationFlow` taint-tracking module  to reason about bean validation vulnerabilities.
+* Added the `InsecureBeanValidationQuery.qll` library to provide the `BeanValidationFlow` taint-tracking module to reason about bean validation vulnerabilities.
 * Added the `XssQuery.qll` library to provide the `XssFlow` taint-tracking module to reason about cross site scripting vulnerabilities.
 * Added the `LdapInjectionQuery.qll` library to provide the `LdapInjectionFlow` taint-tracking module to reason about LDAP injection vulnerabilities.
 * Added the `ResponseSplittingQuery.qll` library to provide the `ResponseSplittingFlow` taint-tracking module to reason about response splitting vulnerabilities.
diff --git a/java/ql/lib/semmle/code/java/security/InsecureBeanValidationQuery.qll b/java/ql/lib/semmle/code/java/security/InsecureBeanValidationQuery.qll
@@ -6,7 +6,7 @@ import semmle.code.java.dataflow.FlowSources
 private import semmle.code.java.dataflow.ExternalFlow
 
 /**
- * A message interpolator Type that perform Expression Language (EL) evaluations
+ * A message interpolator Type that perform Expression Language (EL) evaluations.
  */
 class ELMessageInterpolatorType extends RefType {
   ELMessageInterpolatorType() {
diff --git a/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll b/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll
@@ -77,7 +77,7 @@ module TaintedPathConfig implements DataFlow::ConfigSig {
 module TaintedPathFlow = TaintTracking::Global<TaintedPathConfig>;
 
 /**
- * A taint-tracking configuration for tracking flow from user input to the creation of a path.
+ * A taint-tracking configuration for tracking flow from local user input to the creation of a path.
  */
 module TaintedPathLocalConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
@@ -100,5 +100,5 @@ module TaintedPathLocalConfig implements DataFlow::ConfigSig {
   }
 }
 
-/** Tracks flow from user input to the creation of a path. */
+/** Tracks flow from local user input to the creation of a path. */
 module TaintedPathLocalFlow = TaintTracking::Global<TaintedPathLocalConfig>;

Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ module TaintedPathConfig implements DataFlow::ConfigSig {`
`77`	`77`	`module TaintedPathFlow = TaintTracking::Global<TaintedPathConfig>;`
`78`	`78`
`79`	`79`	`/**`
`80`		`- * A taint-tracking configuration for tracking flow from user input to the creation of a path.`
	`80`	`+ * A taint-tracking configuration for tracking flow from local user input to the creation of a path.`
`81`	`81`	`*/`
`82`	`82`	`module TaintedPathLocalConfig implements DataFlow::ConfigSig {`
`83`	`83`	`predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }`
`@@ -100,5 +100,5 @@ module TaintedPathLocalConfig implements DataFlow::ConfigSig {`
`100`	`100`	`}`
`101`	`101`	`}`
`102`	`102`
`103`		`-/** Tracks flow from user input to the creation of a path. */`
	`103`	`+/** Tracks flow from local user input to the creation of a path. */`
`104`	`104`	`module TaintedPathLocalFlow = TaintTracking::Global<TaintedPathLocalConfig>;`