Merge branch 'main' into securingdev-java-cwe-532-dataflow-update

GeekMasher · web-flow · commit b10f9f5c50b5 · 2023-08-17T10:39:13.000+01:00
diff --git a/java/CWE-326/Base64Encryption.ql b/java/CWE-326/Base64Encryption.ql
@@ -28,7 +28,7 @@ class Base64Sinks extends DataFlow::Node {
   }
 }
 
-module Base64EncryptionUsage implements DataFlow::ConfigSig {
+module Base64EncryptionUsageConfig implements DataFlow::ConfigSig {
 
   predicate isSource(DataFlow::Node source) { source instanceof SensitiveInformationSources }
 
@@ -39,9 +39,9 @@ module Base64EncryptionUsage implements DataFlow::ConfigSig {
   }
 }
 
-module Base64EncryptionFlows = TaintTracking::Global<Base64EncryptionUsage>;
-import Base64EncryptionFlows::PathGraph //importing the path graph from the module
+module Base64EncryptionFlow = TaintTracking::Global<Base64EncryptionUsageConfig>;
+import Base64EncryptionFlow::PathGraph //importing the path graph from the module
 
-from Base64EncryptionFlows::PathNode source, Base64EncryptionFlows::PathNode sink //Using PathNode from the module
-where Base64EncryptionFlows::flowPath(source, sink) //using flowPath instead of hasFlowPath
+from Base64EncryptionFlow::PathNode source, Base64EncryptionFlow::PathNode sink //Using PathNode from the module
+where Base64EncryptionFlow::flowPath(source, sink) //using flowPath instead of hasFlowPath
 select sink.getNode(), source, sink, "Sensitive data is being 'encrypted' with Base64 Encoding: $@", source.getNode(), "user-provided value"

Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ class Base64Sinks extends DataFlow::Node {`
`28`	`28`	`}`
`29`	`29`	`}`
`30`	`30`
`31`		`-module Base64EncryptionUsage implements DataFlow::ConfigSig {`
	`31`	`+module Base64EncryptionUsageConfig implements DataFlow::ConfigSig {`
`32`	`32`
`33`	`33`	`predicate isSource(DataFlow::Node source) { source instanceof SensitiveInformationSources }`
`34`	`34`
`@@ -39,9 +39,9 @@ module Base64EncryptionUsage implements DataFlow::ConfigSig {`
`39`	`39`	`}`
`40`	`40`	`}`
`41`	`41`
`42`		`-module Base64EncryptionFlows = TaintTracking::Global<Base64EncryptionUsage>;`
`43`		`-import Base64EncryptionFlows::PathGraph //importing the path graph from the module`
	`42`	`+module Base64EncryptionFlow = TaintTracking::Global<Base64EncryptionUsageConfig>;`
	`43`	`+import Base64EncryptionFlow::PathGraph //importing the path graph from the module`
`44`	`44`
`45`		`-from Base64EncryptionFlows::PathNode source, Base64EncryptionFlows::PathNode sink //Using PathNode from the module`
`46`		`-where Base64EncryptionFlows::flowPath(source, sink) //using flowPath instead of hasFlowPath`
	`45`	`+from Base64EncryptionFlow::PathNode source, Base64EncryptionFlow::PathNode sink //Using PathNode from the module`
	`46`	`+where Base64EncryptionFlow::flowPath(source, sink) //using flowPath instead of hasFlowPath`
`47`	`47`	`select sink.getNode(), source, sink, "Sensitive data is being 'encrypted' with Base64 Encoding: $@", source.getNode(), "user-provided value"`