Fixup sources.

github · Apr 23, 2024 · 67d292c · 67d292c
1 parent 35aff1c
commit 67d292c
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 6 deletions.
diff --git a/java/ql/lib/semmle/code/java/dataflow/ApiSources.qll b/java/ql/lib/semmle/code/java/dataflow/ApiSources.qll
@@ -17,12 +17,14 @@ private module ApiSources {
   private import semmle.code.java.security.ArbitraryApkInstallation as ArbitraryApkInstallation
   private import semmle.code.java.security.CleartextStorageAndroidDatabaseQuery as CleartextStorageAndroidDatabaseQuery
   private import semmle.code.java.security.CleartextStorageAndroidFilesystemQuery as CleartextStorageAndroidFilesystemQuery
+  private import semmle.code.java.security.CleartextStorageCookieQuery as CleartextStorageCookieQuery
   private import semmle.code.java.security.CleartextStorageSharedPrefsQuery as CleartextStorageSharedPrefsQuery
   private import semmle.code.java.security.ImplicitPendingIntentsQuery as ImplicitPendingIntentsQuery
   private import semmle.code.java.security.ImproperIntentVerificationQuery as ImproperIntentVerificationQuery
-  private import semmle.code.java.security.InsecureTrustManagerQuery as InsecureTrustManagerQuery
-  private import semmle.code.java.security.MissingJWTSignatureCheckQuery as MissingJWTSignatureCheckQuery
+  private import semmle.code.java.security.InsecureTrustManager as InsecureTrustManager
+  private import semmle.code.java.security.JWT as Jwt
   private import semmle.code.java.security.XSS as Xss
+  // TODO: Check below.
   private import semmle.code.java.security.StackTraceExposureQuery as StackTraceExposureQuery
   private import semmle.code.java.security.UnsafeCertTrustQuery as UnsafeCertTrustQuery
   private import semmle.code.java.security.ZipSlipQuery as ZipSlipQuery
@@ -38,6 +40,9 @@ private module ApiSources {
   private class CleartextStorageAndroidFilesystemQuerySources extends SourceNode instanceof CleartextStorageAndroidFilesystemQuery::LocalFileOpenCallSource
   { }
 
+  private class CleartextStorageCookieQuerySources extends SourceNode instanceof CleartextStorageCookieQuery::CookieSource
+  { }
+
   private class CleartextStorageSharedPrefsQuerySources extends SourceNode instanceof CleartextStorageSharedPrefsQuery::SharedPreferencesEditorMethodCallSource
   { }
 
@@ -47,11 +52,10 @@ private module ApiSources {
   private class ImproperIntentVerificationQuerySources extends SourceNode instanceof ImproperIntentVerificationQuery::VerifiedIntentConfigSource
   { }
 
-  private class InsecureTrustManagerQuerySources extends SourceNode instanceof InsecureTrustManagerQuery::InsecureTrustManagerSource
+  private class InsecureTrustManagerSources extends SourceNode instanceof InsecureTrustManager::InsecureTrustManagerSource
   { }
 
-  private class MissingJWTSignatureCheckQuerySources extends SourceNode instanceof MissingJWTSignatureCheckQuery::JwtParserWithInsecureParseSource
-  { }
+  private class JwtSources extends SourceNode instanceof Jwt::JwtParserWithInsecureParseSource { }
 
   private class XssSources extends SourceNode instanceof Xss::XssVulnerableWriterSourceNode { }
 

diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageCookieQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageCookieQuery.qll
@@ -37,6 +37,13 @@ private predicate cookieStore(DataFlow::Node cookie, Expr store) {
   )
 }
 
+/**
+ * A class of cookie source nodes.
+ */
+class CookieSource extends DataFlow::Node {
+  CookieSource() { this.asExpr() instanceof Cookie }
+}
+
 /**
  * A class of cookie store sink nodes.
  */
@@ -45,7 +52,7 @@ class CookieStoreSink extends DataFlow::Node {
 }
 
 private module CookieToStoreFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) { src.asExpr() instanceof Cookie }
+  predicate isSource(DataFlow::Node src) { src instanceof CookieSource }
 
   predicate isSink(DataFlow::Node sink) { sink instanceof CookieStoreSink }
 }