TaintedPermissionsCheck docs

egregius313 · egregius313 · commit 4059fd4b97a2 · 2023-04-24T06:56:44.000-04:00
diff --git a/java/ql/lib/semmle/code/java/security/TaintedPermissionsCheckQuery.qll b/java/ql/lib/semmle/code/java/security/TaintedPermissionsCheckQuery.qll
@@ -20,7 +20,11 @@ private class TypeShiroWildCardPermission extends RefType {
   }
 }
 
+/**
+ * An expression that constructs a permission.
+ */
 abstract class PermissionsConstruction extends Top {
+  /** Gets the input to this permission construction. */
   abstract Expr getInput();
 }
 
@@ -46,6 +50,9 @@ private class WildCardPermissionConstruction extends ClassInstanceExpr, Permissi
   override Expr getInput() { result = this.getArgument(0) }
 }
 
+/**
+ * A configuration for tracking flow from user input to a permissions check.
+ */
 module TaintedPermissionsCheckFlowConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof UserInput }
 
@@ -54,4 +61,5 @@ module TaintedPermissionsCheckFlowConfig implements DataFlow::ConfigSig {
   }
 }
 
+/** Tracks flow from user input to a permissions check. */
 module TaintedPermissionsCheckFlow = TaintTracking::Global<TaintedPermissionsCheckFlowConfig>;

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,11 @@ private class TypeShiroWildCardPermission extends RefType {`
`20`	`20`	`}`
`21`	`21`	`}`
`22`	`22`
	`23`	`+/**`
	`24`	`+ * An expression that constructs a permission.`
	`25`	`+ */`
`23`	`26`	`abstract class PermissionsConstruction extends Top {`
	`27`	`+ /** Gets the input to this permission construction. */`
`24`	`28`	`abstract Expr getInput();`
`25`	`29`	`}`
`26`	`30`
`@@ -46,6 +50,9 @@ private class WildCardPermissionConstruction extends ClassInstanceExpr, Permissi`
`46`	`50`	`override Expr getInput() { result = this.getArgument(0) }`
`47`	`51`	`}`
`48`	`52`
	`53`	`+/**`
	`54`	`+ * A configuration for tracking flow from user input to a permissions check.`
	`55`	`+ */`
`49`	`56`	`module TaintedPermissionsCheckFlowConfig implements DataFlow::ConfigSig {`
`50`	`57`	`predicate isSource(DataFlow::Node source) { source instanceof UserInput }`
`51`	`58`
`@@ -54,4 +61,5 @@ module TaintedPermissionsCheckFlowConfig implements DataFlow::ConfigSig {`
`54`	`61`	`}`
`55`	`62`	`}`
`56`	`63`
	`64`	`+/** Tracks flow from user input to a permissions check. */`
`57`	`65`	`module TaintedPermissionsCheckFlow = TaintTracking::Global<TaintedPermissionsCheckFlowConfig>;`