diff --git a/java/ql/src/experimental/Security/CWE/CWE-208/NonConstantTimeCheckOnSignatureQuery.qll b/java/ql/src/experimental/Security/CWE/CWE-208/NonConstantTimeCheckOnSignatureQuery.qll
index 8e545a5e8f04f..5972db6749555 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-208/NonConstantTimeCheckOnSignatureQuery.qll
+++ b/java/ql/src/experimental/Security/CWE/CWE-208/NonConstantTimeCheckOnSignatureQuery.qll
@@ -95,7 +95,7 @@ private class ProduceCiphertextCall extends ProduceCryptoCall {
 }

 /** Holds if `fromNode` to `toNode` is a dataflow step that updates a cryptographic operation. */
-private predicate updateCryptoOperationStep(DataFlow2::Node fromNode, DataFlow2::Node toNode) {
+private predicate updateCryptoOperationStep(DataFlow::Node fromNode, DataFlow::Node toNode) {
 exists(MethodCall call, Method m |
 m = call.getMethod() and
 call.getQualifier() = toNode.asExpr() and
@@ -111,7 +111,7 @@ private predicate updateCryptoOperationStep(DataFlow2::Node fromNode, DataFlow2:
 }

 /** Holds if `fromNode` to `toNode` is a dataflow step that creates a hash. */
-private predicate createMessageDigestStep(DataFlow2::Node fromNode, DataFlow2::Node toNode) {
+private predicate createMessageDigestStep(DataFlow::Node fromNode, DataFlow::Node toNode) {
 exists(MethodCall ma, Method m | m = ma.getMethod() |
 m.getDeclaringType().hasQualifiedName("java.security", "MessageDigest") and
 m.hasStringSignature("digest()") and
@@ -135,7 +135,7 @@ private predicate createMessageDigestStep(DataFlow2::Node fromNode, DataFlow2::N
 }

 /** Holds if `fromNode` to `toNode` is a dataflow step that updates a hash. */
-private predicate updateMessageDigestStep(DataFlow2::Node fromNode, DataFlow2::Node toNode) {
+private predicate updateMessageDigestStep(DataFlow::Node fromNode, DataFlow::Node toNode) {
 exists(MethodCall ma, Method m | m = ma.getMethod() |
 m.hasQualifiedName("java.security", "MessageDigest", "update") and
 ma.getArgument(0) = fromNode.asExpr() and
@@ -154,7 +154,7 @@ private module UserInputInCryptoOperationConfig implements DataFlow::ConfigSig {
 exists(ProduceCryptoCall call | call.getQualifier() = sink.asExpr())
 }

- predicate isAdditionalFlowStep(DataFlow2::Node fromNode, DataFlow2::Node toNode) {
+ predicate isAdditionalFlowStep(DataFlow::Node fromNode, DataFlow::Node toNode) {
 updateCryptoOperationStep(fromNode, toNode)
 or
 createMessageDigestStep(fromNode, toNode)
diff --git a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll
index 925fd5632a352..5f015732cb385 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll
+++ b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll
@@ -94,11 +94,11 @@ private class CompileRegexSink extends DataFlow::ExprNode {
 * A data flow configuration for regular expressions that include permissive dots.
 */
 private module PermissiveDotRegexConfig implements DataFlow::ConfigSig {
- predicate isSource(DataFlow2::Node src) { src.asExpr() instanceof PermissiveDotStr }
+ predicate isSource(DataFlow::Node src) { src.asExpr() instanceof PermissiveDotStr }

- predicate isSink(DataFlow2::Node sink) { sink instanceof CompileRegexSink }
+ predicate isSink(DataFlow::Node sink) { sink instanceof CompileRegexSink }

- predicate isBarrier(DataFlow2::Node node) {
+ predicate isBarrier(DataFlow::Node node) {
 exists(
 MethodCall ma, Field f // Pattern.compile(PATTERN, Pattern.DOTALL)
 |
diff --git a/java/ql/src/experimental/semmle/code/java/security/SpringUrlRedirect.qll b/java/ql/src/experimental/semmle/code/java/security/SpringUrlRedirect.qll
index d437c8fa3cc0b..c068dfbb7e36a 100644
--- a/java/ql/src/experimental/semmle/code/java/security/SpringUrlRedirect.qll
+++ b/java/ql/src/experimental/semmle/code/java/security/SpringUrlRedirect.qll
@@ -53,7 +53,7 @@ private class SpringViewUrlRedirectSink extends SpringUrlRedirectSink {
 )
 or
 exists(MethodCall ma, RedirectAppendCall rac |
- DataFlow2::localExprFlow(rac.getQualifier(), ma.getQualifier()) and
+ DataFlow::localExprFlow(rac.getQualifier(), ma.getQualifier()) and
 ma.getMethod().hasName("append") and
 ma.getArgument(0) = this.asExpr() and
 any(SpringRequestMappingMethod sqmm).polyCalls*(this.getEnclosingCallable())