зеркало из https://github.com/github/codeql.git
delete redundant imports
This commit is contained in:
Erik Krogh Kristensen
Родитель
ae20393e38
Коммит
ff73dbc35c
|
|
@ -4,7 +4,6 @@
|
|||
|
||||
import semmle.code.cpp.Variable
|
||||
import semmle.code.cpp.Enum
|
||||
import semmle.code.cpp.exprs.Access
|
||||
|
||||
/**
|
||||
* A C structure member or C++ non-static member variable. For example the
|
||||
|
|
|
|||
|
|
@ -1802,5 +1802,3 @@ module SimpleRangeAnalysisInternal {
|
|||
defMightOverflowNegatively(def, v) and result = varMaxVal(v)
|
||||
}
|
||||
}
|
||||
|
||||
private import SimpleRangeAnalysisInternal
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
*/
|
||||
|
||||
import cpp
|
||||
import semmle.code.cpp.commons.Alloc
|
||||
import semmle.code.cpp.commons.Buffer
|
||||
import semmle.code.cpp.commons.Scanf
|
||||
import semmle.code.cpp.models.implementations.Strcat
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@
|
|||
|
||||
import cpp
|
||||
import LeapYear
|
||||
import semmle.code.cpp.dataflow.DataFlow
|
||||
|
||||
from Expr source, Expr sink, PossibleYearArithmeticOperationCheckConfiguration config
|
||||
where config.hasFlow(DataFlow::exprNode(source), DataFlow::exprNode(sink))
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@
|
|||
|
||||
import cpp
|
||||
import NtohlArrayNoBound
|
||||
import semmle.code.cpp.dataflow.DataFlow
|
||||
|
||||
from NetworkToBufferSizeConfiguration bufConfig, DataFlow::Node source, DataFlow::Node sink
|
||||
where bufConfig.hasFlow(source, sink)
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@
|
|||
*/
|
||||
|
||||
import semmle.code.cpp.security.BufferWrite
|
||||
import semmle.code.cpp.commons.Alloc
|
||||
|
||||
/*
|
||||
* See CWE-120/UnboundedWrite.ql for a summary of CWE-120 alert cases.
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@
|
|||
*/
|
||||
|
||||
import semmle.code.cpp.security.BufferWrite
|
||||
import semmle.code.cpp.commons.Alloc
|
||||
|
||||
/*
|
||||
* See CWE-120/UnboundedWrite.ql for a summary of CWE-120 alert cases.
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
*/
|
||||
|
||||
import cpp
|
||||
import semmle.code.cpp.exprs.BitwiseOperation
|
||||
import semmle.code.cpp.valuenumbering.GlobalValueNumbering
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@
|
|||
|
||||
import semmle.code.cpp.ir.dataflow.DataFlow
|
||||
import IRConfiguration
|
||||
import cpp
|
||||
import DataFlow::PathGraph
|
||||
|
||||
from DataFlow::PathNode src, DataFlow::PathNode sink, IRConf conf
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@
|
|||
|
||||
import semmle.code.cpp.dataflow.DataFlow
|
||||
import ASTConfiguration
|
||||
import cpp
|
||||
import DataFlow::PathGraph
|
||||
|
||||
from DataFlow::PathNode src, DataFlow::PathNode sink, AstConf conf
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
private import csharp
|
||||
private import AssignableDefinitions
|
||||
private import SsaImpl as SsaImpl
|
||||
private import semmle.code.csharp.dataflow.SSA
|
||||
|
||||
class BasicBlock = ControlFlow::BasicBlock;
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
|
||||
import Expr
|
||||
import semmle.code.csharp.Callable
|
||||
import semmle.code.csharp.dataflow.CallContext as CallContext
|
||||
private import semmle.code.csharp.dataflow.internal.DelegateDataFlow
|
||||
private import semmle.code.csharp.dataflow.internal.DataFlowDispatch
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
*/
|
||||
|
||||
import Expr
|
||||
import semmle.code.csharp.Callable
|
||||
private import semmle.code.csharp.frameworks.system.linq.Expressions
|
||||
private import semmle.code.csharp.TypeRef
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import Dynamic
|
|||
import Literal
|
||||
import LogicalOperation
|
||||
import semmle.code.csharp.controlflow.ControlFlowElement
|
||||
import semmle.code.csharp.Callable
|
||||
import semmle.code.csharp.Location
|
||||
import semmle.code.csharp.Stmt
|
||||
import semmle.code.csharp.Type
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
|
||||
import csharp
|
||||
private import semmle.code.csharp.dataflow.flowsources.Remote
|
||||
private import semmle.code.csharp.dataflow.TaintTracking
|
||||
private import semmle.code.csharp.frameworks.System
|
||||
private import semmle.code.csharp.dataflow.FlowSummary
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.dataflow.DataFlow
|
||||
|
||||
class ImplementsICryptoTransform extends Class {
|
||||
ImplementsICryptoTransform() {
|
||||
|
|
|
|||
|
|
@ -11,7 +11,6 @@
|
|||
|
||||
import csharp
|
||||
import DataFlow::PathGraph
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
|
||||
class UnsafeYearCreationFromArithmeticConfiguration extends TaintTracking::Configuration {
|
||||
UnsafeYearCreationFromArithmeticConfiguration() {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.dataflow.DataFlow
|
||||
|
||||
abstract class ParallelSink extends DataFlow::Node { }
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@
|
|||
*/
|
||||
|
||||
import csharp
|
||||
import semmle.code.csharp.dataflow.DataFlow
|
||||
import ParallelSink
|
||||
import ICryptoTransform
|
||||
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@
|
|||
*/
|
||||
|
||||
import csharp
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
import semmle.code.csharp.security.dataflow.ExternalAPIsQuery
|
||||
import DataFlow::PathGraph
|
||||
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.security.dataflow.flowsources.Remote
|
||||
import semmle.code.csharp.security.dataflow.flowsources.Local
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
import semmle.code.csharp.frameworks.Format
|
||||
import DataFlow::PathGraph
|
||||
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@
|
|||
|
||||
import csharp
|
||||
import semmle.code.asp.WebConfig
|
||||
import semmle.code.csharp.XML
|
||||
|
||||
class Application_Error extends Method {
|
||||
Application_Error() {
|
||||
|
|
|
|||
|
|
@ -2,13 +2,11 @@
|
|||
|
||||
private import csharp
|
||||
private import semmle.code.csharp.dispatch.Dispatch
|
||||
private import semmle.code.csharp.dataflow.DataFlow
|
||||
private import semmle.code.csharp.dataflow.ExternalFlow
|
||||
private import semmle.code.csharp.dataflow.FlowSummary
|
||||
private import semmle.code.csharp.dataflow.internal.DataFlowImplCommon as DataFlowImplCommon
|
||||
private import semmle.code.csharp.dataflow.internal.DataFlowPrivate
|
||||
private import semmle.code.csharp.dataflow.internal.DataFlowDispatch as DataFlowDispatch
|
||||
private import semmle.code.csharp.dataflow.TaintTracking
|
||||
private import semmle.code.csharp.dataflow.internal.TaintTrackingPrivate
|
||||
private import semmle.code.csharp.security.dataflow.flowsources.Remote
|
||||
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@
|
|||
|
||||
import csharp
|
||||
import semmle.code.csharp.dataflow.DataFlow2
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
import semmle.code.csharp.dataflow.TaintTracking2
|
||||
import DataFlow::PathGraph
|
||||
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@ private import TranslatedExpr
|
|||
private import TranslatedStmt
|
||||
private import desugar.Foreach
|
||||
private import TranslatedFunction
|
||||
private import experimental.ir.Util
|
||||
private import experimental.ir.internal.IRCSharpLanguage as Language
|
||||
|
||||
TranslatedElement getInstructionTranslatedElement(Instruction instruction) {
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@ private import InstructionTag
|
|||
private import TranslatedElement
|
||||
private import TranslatedExpr
|
||||
private import TranslatedInitialization
|
||||
private import experimental.ir.Util
|
||||
private import experimental.ir.implementation.raw.internal.common.TranslatedCallBase
|
||||
private import experimental.ir.internal.IRCSharpLanguage as Language
|
||||
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@ private import TranslatedCondition
|
|||
private import TranslatedFunction
|
||||
private import TranslatedStmt
|
||||
private import IRConstruction
|
||||
private import experimental.ir.Util
|
||||
private import experimental.ir.internal.IRCSharpLanguage as Language
|
||||
private import desugar.Foreach
|
||||
private import desugar.Delegate
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@ private import common.TranslatedExprBase
|
|||
private import desugar.Delegate
|
||||
private import desugar.internal.TranslatedCompilerGeneratedCall
|
||||
import TranslatedCall
|
||||
private import experimental.ir.Util
|
||||
private import experimental.ir.internal.IRCSharpLanguage as Language
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -11,7 +11,6 @@ private import InstructionTag
|
|||
private import TranslatedElement
|
||||
private import TranslatedExpr
|
||||
private import TranslatedFunction
|
||||
private import experimental.ir.Util
|
||||
private import IRInternal
|
||||
private import desugar.Delegate
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,6 @@ private import experimental.ir.implementation.internal.OperandTag
|
|||
private import experimental.ir.implementation.raw.internal.InstructionTag
|
||||
private import experimental.ir.implementation.raw.internal.TranslatedElement
|
||||
private import experimental.ir.implementation.raw.internal.TranslatedExpr
|
||||
private import experimental.ir.Util
|
||||
private import experimental.ir.internal.CSharpType
|
||||
private import experimental.ir.internal.IRCSharpLanguage as Language
|
||||
private import TranslatedExprBase
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.Comments
|
||||
|
||||
/**
|
||||
* A class representing line comments in C# used by the InlineExpectations core code
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
// Test that all the copies of the taint tracking library can be imported
|
||||
// simultaneously without errors.
|
||||
import semmle.code.csharp.dataflow.TaintTracking2
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import semmle.code.csharp.commons.Disposal
|
||||
import csharp
|
||||
|
||||
from Variable v
|
||||
where
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
|
||||
from DataFlow::Node pred, DataFlow::Node succ
|
||||
where
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
|
||||
from StringLiteral l, DataFlow::Node n
|
||||
where TaintTracking::localTaintStep+(DataFlow::exprNode(l), n)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
|
||||
class Configuration extends TaintTracking::Configuration {
|
||||
Configuration() { this = "Json.NET test" }
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import csharp
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
|
||||
class MyConfiguration extends TaintTracking::Configuration {
|
||||
MyConfiguration() { this = "MyConfiguration" }
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
*/
|
||||
|
||||
import semmle.code.Location
|
||||
import Element
|
||||
|
||||
/** A Javadoc parent is an element whose child can be some Javadoc documentation. */
|
||||
class JavadocParent extends @javadocParent, Top {
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@
|
|||
|
||||
import java
|
||||
import Dominance
|
||||
import semmle.code.java.ControlFlowGraph
|
||||
|
||||
/**
|
||||
* A control-flow node that represents the start of a basic block.
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
private import semmle.code.java.ControlFlowGraph
|
||||
|
||||
/*
|
||||
* Predicates for basic-block-level dominance.
|
||||
|
|
|
|||
|
|
@ -27,7 +27,6 @@ import semmle.code.java.frameworks.Guice
|
|||
import semmle.code.java.frameworks.struts.StrutsActions
|
||||
import semmle.code.java.frameworks.Thrift
|
||||
import semmle.code.java.frameworks.javaee.jsf.JSFRenderer
|
||||
private import semmle.code.java.dataflow.ExternalFlow
|
||||
|
||||
/** A data flow source of remote user input. */
|
||||
abstract class RemoteFlowSource extends DataFlow::Node {
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ private import semmle.code.java.dataflow.FlowSources
|
|||
private import semmle.code.java.dataflow.internal.DataFlowPrivate
|
||||
import semmle.code.java.dataflow.FlowSteps
|
||||
private import FlowSummaryImpl as FlowSummaryImpl
|
||||
private import semmle.code.java.frameworks.JaxWS
|
||||
|
||||
/**
|
||||
* Holds if taint can flow from `src` to `sink` in zero or more
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import java
|
||||
import semmle.code.java.JDKAnnotations
|
||||
|
||||
/**
|
||||
* Direct flow of values (i.e. object references) through expressions.
|
||||
|
|
|
|||
|
|
@ -9,7 +9,6 @@ import semmle.code.java.deadcode.WebEntryPoints
|
|||
import semmle.code.java.frameworks.javaee.JavaServerFaces
|
||||
import semmle.code.java.frameworks.JAXB
|
||||
import semmle.code.java.frameworks.JaxWS
|
||||
import semmle.code.java.JMX
|
||||
import semmle.code.java.Reflection
|
||||
import semmle.code.java.frameworks.JavaxAnnotations
|
||||
import semmle.code.java.frameworks.Selenium
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@ import semmle.code.java.deadcode.DeadCode
|
|||
import semmle.code.java.frameworks.Cucumber
|
||||
import semmle.code.java.deadcode.frameworks.FitNesseEntryPoints
|
||||
import semmle.code.java.frameworks.Mockito
|
||||
import semmle.code.java.UnitTests
|
||||
|
||||
/**
|
||||
* A test method, suite, or an associated setup/teardown method.
|
||||
|
|
|
|||
|
|
@ -3,8 +3,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
import semmle.code.java.Type
|
||||
import semmle.code.java.Member
|
||||
|
||||
/*--- Types ---*/
|
||||
/** The interface `org.apache.directory.ldap.client.api.LdapConnection`. */
|
||||
|
|
|
|||
|
|
@ -3,8 +3,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
import semmle.code.java.Type
|
||||
import semmle.code.java.Member
|
||||
|
||||
/*--- Types ---*/
|
||||
/** The interface `javax.naming.Context`. */
|
||||
|
|
|
|||
|
|
@ -3,8 +3,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
import semmle.code.java.Type
|
||||
import semmle.code.java.Member
|
||||
|
||||
/*--- Types ---*/
|
||||
/** The class `org.springframework.ldap.core.LdapTemplate`. */
|
||||
|
|
|
|||
|
|
@ -3,8 +3,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
import semmle.code.java.Type
|
||||
import semmle.code.java.Member
|
||||
|
||||
/*--- Types ---*/
|
||||
/** The interface `com.unboundid.ldap.sdk.ReadOnlySearchRequest`. */
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
import java
|
||||
import Android
|
||||
import semmle.code.java.dataflow.FlowSteps
|
||||
import semmle.code.java.dataflow.ExternalFlow
|
||||
|
||||
/**
|
||||
* The class `android.database.sqlite.SQLiteDatabase`.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import java
|
||||
import semmle.code.xml.XML
|
||||
|
||||
/**
|
||||
* Holds if any struts XML files are included in this snapshot.
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
import semmle.code.java.Package
|
||||
import MetricElement
|
||||
import MetricRefType
|
||||
import semmle.code.java.Dependency
|
||||
import MetricCallable
|
||||
|
||||
/** This class provides access to metrics information for packages. */
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
import java
|
||||
import semmle.code.java.security.HttpsUrls
|
||||
import semmle.code.java.security.InsecureBasicAuth
|
||||
import semmle.code.java.dataflow.TaintTracking
|
||||
|
||||
/**
|
||||
* A taint tracking configuration for the Basic authentication scheme
|
||||
|
|
|
|||
|
|
@ -3,8 +3,6 @@
|
|||
import java
|
||||
import semmle.code.java.dataflow.DataFlow
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.frameworks.Servlets
|
||||
import semmle.code.java.frameworks.JaxWS
|
||||
private import semmle.code.java.dataflow.ExternalFlow
|
||||
|
||||
/** A sink that is vulnerable to an HTTP header splitting attack. */
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
import semmle.code.java.JDKAnnotations
|
||||
|
||||
class NonConstantSourceField extends Field {
|
||||
NonConstantSourceField() {
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
import semmle.code.java.JDKAnnotations
|
||||
import semmle.code.java.Collections
|
||||
import semmle.code.java.Maps
|
||||
import semmle.code.java.frameworks.javaee.ejb.EJB
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
import semmle.code.java.JDKAnnotations
|
||||
|
||||
predicate isSerializable(RefType t) { t.getAnAncestor() instanceof TypeSerializable }
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@
|
|||
|
||||
import java
|
||||
import ExternalApi
|
||||
import semmle.code.java.GeneratedFiles
|
||||
|
||||
from ExternalApi api, int usages
|
||||
where
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@
|
|||
|
||||
import java
|
||||
import ExternalApi
|
||||
import semmle.code.java.GeneratedFiles
|
||||
|
||||
from ExternalApi api, int usages
|
||||
where
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@
|
|||
|
||||
import java
|
||||
import ExternalApi
|
||||
import semmle.code.java.GeneratedFiles
|
||||
|
||||
from ExternalApi api, int usages
|
||||
where
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@
|
|||
|
||||
import java
|
||||
import ExternalApi
|
||||
import semmle.code.java.GeneratedFiles
|
||||
|
||||
from ExternalApi api, int usages
|
||||
where
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import java
|
|||
import DataFlow::PathGraph
|
||||
import MyBatisCommonLib
|
||||
import MyBatisAnnotationSqlInjectionLib
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
|
||||
private class MyBatisAnnotationSqlInjectionConfiguration extends TaintTracking::Configuration {
|
||||
MyBatisAnnotationSqlInjectionConfiguration() { this = "MyBatis annotation sql injection" }
|
||||
|
|
|
|||
|
|
@ -4,8 +4,6 @@
|
|||
|
||||
import java
|
||||
import MyBatisCommonLib
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.frameworks.Properties
|
||||
|
||||
/** An argument of a MyBatis annotated method. */
|
||||
class MyBatisAnnotatedMethodCallArgument extends DataFlow::Node {
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@ import java
|
|||
import semmle.code.xml.MyBatisMapperXML
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.frameworks.MyBatis
|
||||
import semmle.code.java.frameworks.Properties
|
||||
|
||||
private predicate propertiesKey(DataFlow::Node prop, string key) {
|
||||
exists(MethodAccess m |
|
||||
|
|
|
|||
|
|
@ -15,8 +15,6 @@ import java
|
|||
import DataFlow::PathGraph
|
||||
import MyBatisCommonLib
|
||||
import MyBatisMapperXmlSqlInjectionLib
|
||||
import semmle.code.xml.MyBatisMapperXML
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
|
||||
private class MyBatisMapperXmlSqlInjectionConfiguration extends TaintTracking::Configuration {
|
||||
MyBatisMapperXmlSqlInjectionConfiguration() { this = "MyBatis mapper xml sql injection" }
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
import java
|
||||
import semmle.code.xml.MyBatisMapperXML
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.frameworks.Properties
|
||||
|
||||
/** A sink for MyBatis Mapper method call an argument. */
|
||||
class MyBatisMapperMethodCallAnArgument extends DataFlow::Node {
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@
|
|||
|
||||
import java
|
||||
import BeanShellInjection
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import DataFlow::PathGraph
|
||||
|
||||
class BeanShellInjectionConfig extends TaintTracking::Configuration {
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@
|
|||
|
||||
import java
|
||||
import JShellInjection
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import DataFlow::PathGraph
|
||||
|
||||
class JShellInjectionConfiguration extends TaintTracking::Configuration {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
import java
|
||||
import FlowUtils
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.dataflow.TaintTracking
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@
|
|||
|
||||
import java
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.frameworks.spring.SpringController
|
||||
import DataFlow::PathGraph
|
||||
|
||||
/** The class `org.python.util.PythonInterpreter`. */
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
import java
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.dataflow.TaintTracking2
|
||||
import semmle.code.java.frameworks.android.Android
|
||||
|
||||
/** The `startActivityForResult` method of Android's `Activity` class. */
|
||||
class StartActivityForResultMethod extends Method {
|
||||
|
|
|
|||
|
|
@ -11,7 +11,6 @@
|
|||
|
||||
import java
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.frameworks.Servlets
|
||||
import semmle.code.java.dataflow.TaintTracking
|
||||
import semmle.code.java.dataflow.TaintTracking2
|
||||
import DataFlow::PathGraph
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@
|
|||
|
||||
import java
|
||||
import JsonpInjectionLib
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.deadcode.WebEntryPoints
|
||||
import DataFlow::PathGraph
|
||||
|
||||
|
|
|
|||
|
|
@ -2,10 +2,7 @@ import java
|
|||
import DataFlow
|
||||
import JsonStringLib
|
||||
import semmle.code.java.security.XSS
|
||||
import semmle.code.java.dataflow.DataFlow
|
||||
import semmle.code.java.dataflow.DataFlow3
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.frameworks.spring.SpringController
|
||||
|
||||
/**
|
||||
* A method that is called to handle an HTTP GET request.
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ import java
|
|||
import DataFlow
|
||||
import UnsafeReflectionLib
|
||||
import semmle.code.java.dataflow.DataFlow
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import DataFlow::PathGraph
|
||||
|
||||
private class ContainsSanitizer extends DataFlow::BarrierGuard {
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@
|
|||
*/
|
||||
|
||||
import java
|
||||
import semmle.code.java.J2EE
|
||||
import TestLib
|
||||
|
||||
/** The `main` method in an Enterprise Java Bean. */
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@
|
|||
import java
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.dataflow.TaintTracking
|
||||
import semmle.code.java.frameworks.Servlets
|
||||
import semmle.code.xml.WebXML
|
||||
import DataFlow::PathGraph
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@
|
|||
|
||||
import java
|
||||
import SpringUrlRedirect
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import DataFlow::PathGraph
|
||||
|
||||
private class StartsWithSanitizer extends DataFlow::BarrierGuard {
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@ import DataFlow
|
|||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.dataflow.DataFlow2
|
||||
import semmle.code.java.dataflow.TaintTracking
|
||||
import semmle.code.java.frameworks.spring.SpringController
|
||||
|
||||
/**
|
||||
* A concatenate expression using the string `redirect:` or `ajaxredirect:` or `forward:` on the left.
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
import java
|
||||
import semmle.code.configfiles.ConfigFiles
|
||||
import semmle.code.java.dataflow.FlowSources
|
||||
import semmle.code.java.frameworks.Properties
|
||||
|
||||
private string possibleSecretName() {
|
||||
result =
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@
|
|||
import javascript
|
||||
private import semmle.javascript.heuristics.SyntacticHeuristics
|
||||
private import semmle.javascript.security.dataflow.NosqlInjectionCustomizations
|
||||
private import semmle.javascript.security.TaintedObject
|
||||
import AdaptiveThreatModeling
|
||||
private import CoreKnowledge as CoreKnowledge
|
||||
private import StandardEndpointFilters as StandardEndpointFilters
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@
|
|||
|
||||
import javascript
|
||||
import DOMProperties
|
||||
import semmle.javascript.frameworks.xUnit
|
||||
|
||||
/**
|
||||
* Holds if `e` appears in a syntactic context where its value is discarded.
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.Promises
|
||||
|
||||
/** Provices classes for modelling NoSQL query sinks. */
|
||||
module NoSql {
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.Promises
|
||||
|
||||
module SQL {
|
||||
/** A string-valued expression that is interpreted as a SQL command. */
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.frameworks.xUnit
|
||||
import semmle.javascript.frameworks.TestingCustomizations
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
|
||||
import javascript
|
||||
private import semmle.javascript.security.SensitiveActions
|
||||
private import semmle.javascript.frameworks.CryptoLibraries
|
||||
|
||||
module BrokenCryptoAlgorithm {
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
/** DEPRECATED. Import `ClientSideUrlRedirectQuery` instead. */
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
import UrlConcatenation
|
||||
private import ClientSideUrlRedirectQuery as ClientSideUrlRedirectQuery // ignore-query-import
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
|
||||
module ClientSideUrlRedirect {
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
import UrlConcatenation
|
||||
import ClientSideUrlRedirectCustomizations::ClientSideUrlRedirect
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
|
||||
module CommandInjection {
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
/** DEPRECATED. Import `DifferentKindsComparisonBypassQuery` instead. */
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
private import DifferentKindsComparisonBypassQuery as DifferentKindsComparisonBypassQuery // ignore-query-import
|
||||
|
||||
/** DEPRECATED. Import `DifferentKindsComparisonBypassQuery` instead. */
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
|
||||
module DifferentKindsComparisonBypass {
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -9,7 +9,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
import DifferentKindsComparisonBypassCustomizations::DifferentKindsComparisonBypass
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
|
||||
module FileAccessToHttp {
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
private import HttpToFileAccessCustomizations::HttpToFileAccess
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
import semmle.javascript.security.IncompleteBlacklistSanitizer
|
||||
|
||||
module IncompleteHtmlAttributeSanitization {
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
|
||||
module IndirectCommandInjection {
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
|
||||
import javascript
|
||||
private import semmle.javascript.security.SensitiveActions
|
||||
private import semmle.javascript.frameworks.CryptoLibraries
|
||||
|
||||
module InsufficientPasswordHash {
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
private import semmle.javascript.dataflow.InferredTypes
|
||||
|
||||
module TypeConfusionThroughParameterTampering {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
/** DEPRECATED. Import `UnsafeDeserializationQuery` instead. */
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.RemoteFlowSources
|
||||
private import UnsafeDeserializationQuery as UnsafeDeserializationQuery // ignore-query-import
|
||||
|
||||
/** DEPRECATED. Import `UnsafeDeserializationQuery` instead. */
|
||||
|
|
|
|||
Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше
Загрузка…
Ссылка в новой задаче