Skip to content

Commit c43b03b

Browse files
authored
Merge pull request #20931 from owen-mc/go/fix-misc-ql
Go/Java: fix miscellaneous trivial issues highlighted by ql-for-ql
2 parents 86eb949 + 992bd68 commit c43b03b

File tree

14 files changed

+20
-48
lines changed

14 files changed

+20
-48
lines changed

go/ql/lib/semmle/go/dataflow/GlobalValueNumbering.qll

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -255,8 +255,6 @@ private predicate globalValueNumbers(DataFlow::CallNode ce, int start, GVN head,
255255
* methods.
256256
*/
257257
class GVN extends GvnBase {
258-
GVN() { this instanceof GvnBase }
259-
260258
/** Gets a data-flow node that has this GVN. */
261259
DataFlow::Node getANode() { this = globalValueNumber(result) }
262260

go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1347,7 +1347,6 @@ module Public {
13471347
}
13481348
}
13491349

1350-
private import Private
13511350
private import Public
13521351

13531352
class SummaryPostUpdateNode extends FlowSummaryNode, PostUpdateNode {

go/ql/src/Security/CWE-020/UntrustedDataToExternalAPI.ql

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,8 @@
66
* @precision low
77
* @problem.severity error
88
* @security-severity 7.8
9-
* @tags security external/cwe/cwe-020
9+
* @tags security
10+
* external/cwe/cwe-020
1011
*/
1112

1213
import go

go/ql/src/Security/CWE-020/UntrustedDataToUnknownExternalAPI.ql

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,8 @@
66
* @precision low
77
* @problem.severity error
88
* @security-severity 7.8
9-
* @tags security external/cwe/cwe-020
9+
* @tags security
10+
* external/cwe/cwe-020
1011
*/
1112

1213
import go

go/ql/src/experimental/CWE-918/validator.qll

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ class FieldWithTags extends FieldDecl {
2424
* For example: the tag `json:"word" binding:"required,alpha"` yields `key: "json", value: "word"`
2525
* and `key: "binding" values: "required","alpha"`.
2626
*/
27-
predicate getTagByKeyValue(string key, string value) {
27+
predicate hasTagKeyValue(string key, string value) {
2828
exists(string tag, string key_value, string values |
2929
this.getTag().toString() = tag and
3030
// Each key_value is like key:"value1,value2"
@@ -50,7 +50,7 @@ class AlphanumericStructFieldRead extends DataFlow::Node {
5050
exists(FieldWithTags decl, Field field, string tag |
5151
this = field.getARead() and
5252
field.getDeclaration() = decl.getNameExpr(0) and
53-
decl.getTagByKeyValue(key, tag) and
53+
decl.hasTagKeyValue(key, tag) and
5454
isAlphanumericValidationKind(tag)
5555
)
5656
}

go/ql/src/experimental/frameworks/DecompressionBombsCustomizations.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -511,7 +511,7 @@ module DecompressionBombs {
511511
}
512512

513513
/**
514-
* Provides decompression bomb sinks for packages that use some standard IO interfaces/methods for reading decompressed data
514+
* A standard IO function for reading decompressed data.
515515
*/
516516
class GeneralReadIoSink extends Sink {
517517
GeneralReadIoSink() {

go/ql/test/library-tests/semmle/go/dataflow/GlobalVariableSideEffects/Flows.ql

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,6 @@ import go
22
import utils.test.InlineFlowTest
33

44
string getArgString(DataFlow::Node src, DataFlow::Node sink) {
5-
exists(src) and
65
result =
76
"\"" + sink.toString() + " (from source " +
87
src.(DataFlow::CallNode).getArgument(0).getExactValue() + ")\""

java/ql/lib/semmle/code/java/JDK.qll

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -321,12 +321,7 @@ class WriteObjectMethod extends Method {
321321
class ReadObjectMethod extends Method {
322322
ReadObjectMethod() {
323323
this.getDeclaringType() instanceof TypeObjectInputStream and
324-
(
325-
this.hasName("readObject") or
326-
this.hasName("readObjectOverride") or
327-
this.hasName("readUnshared") or
328-
this.hasName("resolveObject")
329-
)
324+
this.hasName(["readObject", "readObjectOverride", "readUnshared", "resolveObject"])
330325
}
331326
}
332327

java/ql/lib/semmle/code/java/NumberFormatException.qll

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -46,12 +46,7 @@ private class SpecialClassInstanceExpr extends ClassInstanceExpr {
4646
}
4747

4848
predicate throwsNfe() {
49-
this.isStringConstructor("Byte") or
50-
this.isStringConstructor("Short") or
51-
this.isStringConstructor("Integer") or
52-
this.isStringConstructor("Long") or
53-
this.isStringConstructor("Float") or
54-
this.isStringConstructor("Double")
49+
this.isStringConstructor(["Byte", "Short", "Integer", "Long", "Float", "Double"])
5550
}
5651
}
5752

java/ql/lib/semmle/code/java/frameworks/JAXB.qll

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -107,10 +107,7 @@ class XmlAccessType extends EnumConstant {
107107
*/
108108
class JaxbMemberAnnotation extends JaxbAnnotationType {
109109
JaxbMemberAnnotation() {
110-
this.hasName("XmlElement") or
111-
this.hasName("XmlAttribute") or
112-
this.hasName("XmlElementRefs") or
113-
this.hasName("XmlElements")
110+
this.hasName(["XmlElement", "XmlAttribute", "XmlElementRefs", "XmlElements"])
114111
}
115112
}
116113

0 commit comments

Comments
 (0)