Move LdapInjectionLib to LdapInjectionQuery.qll

egregius313 · egregius313 · commit e3af8b2c7fda · 2023-03-29T17:59:33.000-04:00
diff --git a/java/ql/lib/semmle/code/java/security/LdapInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/LdapInjectionQuery.qll
@@ -1,3 +1,5 @@
+/** Provides a taint tracking configuration to reason about unvalidated user input that is used to construct LDAP queries. */
+
 import java
 import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.security.LdapInjection
@@ -17,4 +19,5 @@ module LdapInjectionFlowConfig implements DataFlow::ConfigSig {
   }
 }
 
+/** Tracks flow from remote sources to LDAP injection vulnerabilities. */
 module LdapInjectionFlow = TaintTracking::Global<LdapInjectionFlowConfig>;
diff --git a/java/ql/src/Security/CWE/CWE-090/LdapInjection.ql b/java/ql/src/Security/CWE/CWE-090/LdapInjection.ql
@@ -13,7 +13,7 @@
 
 import java
 import semmle.code.java.dataflow.FlowSources
-import LdapInjectionLib
+import semmle.code.java.security.LdapInjectionQuery
 import LdapInjectionFlow::PathGraph
 
 from LdapInjectionFlow::PathNode source, LdapInjectionFlow::PathNode sink

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+/** Provides a taint tracking configuration to reason about unvalidated user input that is used to construct LDAP queries. */`
	`2`	`+`
`1`	`3`	`import java`
`2`	`4`	`import semmle.code.java.dataflow.FlowSources`
`3`	`5`	`import semmle.code.java.security.LdapInjection`
`@@ -17,4 +19,5 @@ module LdapInjectionFlowConfig implements DataFlow::ConfigSig {`
`17`	`19`	`}`
`18`	`20`	`}`
`19`	`21`
	`22`	`+/** Tracks flow from remote sources to LDAP injection vulnerabilities. */`
`20`	`23`	`module LdapInjectionFlow = TaintTracking::Global<LdapInjectionFlowConfig>;`