Java: Clean up MVEL injection query

artem-smotrakov · artem-smotrakov · commit b7c3dd666cea · 2020-06-05T17:22:45.000+03:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/MvelInjection.qhelp b/java/ql/src/experimental/Security/CWE/CWE-094/MvelInjection.qhelp
@@ -23,6 +23,7 @@ The following example uses untrusted data to build a MVEL expression
 and then runs it in the default powerfull context.
 </p>
 <sample src="UnsafeMvelExpressionEvaluation.java" />
+</example>
 
 <references>
 <li>
diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/MvelInjectionLib.qll b/java/ql/src/experimental/Security/CWE/CWE-094/MvelInjectionLib.qll
@@ -100,10 +100,6 @@ predicate createCompiledAccExpressionStep(DataFlow::Node node1, DataFlow::Node n
   )
 }
 
-predicate test() {
-  exists(ConstructorCall cc | cc.getConstructedType() instanceof CompiledAccExpression)
-}
-
 /**
  * Holds if `node1` to `node2` is a dataflow step that compiles a MVEL expression
  * by calling `ExpressionCompiler.compile()`.

Original file line number	Diff line number	Diff line change
`@@ -100,10 +100,6 @@ predicate createCompiledAccExpressionStep(DataFlow::Node node1, DataFlow::Node n`
`100`	`100`	`)`
`101`	`101`	`}`
`102`	`102`
`103`		`-predicate test() {`
`104`		`- exists(ConstructorCall cc \| cc.getConstructedType() instanceof CompiledAccExpression)`
`105`		`-}`
`106`		`-`
`107`	`103`	`/**`
`108`	`104`	* Holds if `node1` to `node2` is a dataflow step that compiles a MVEL expression
`109`	`105`	* by calling `ExpressionCompiler.compile()`.