Improve qldoc; make taint tracking

joefarebrother · joefarebrother · commit e4b762b5c5d2 · 2022-03-14T13:10:34.000Z
diff --git a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
@@ -6,7 +6,7 @@ import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.security.SensitiveActions
 import DataFlow
 
-/** Variable keeps sensitive information judging by its name * */
+/** A variable that may hold sensitive information, judging by its name. * */
 class CredentialExpr extends Expr {
   CredentialExpr() {
     exists(Variable v | this = v.getAnAccess() |
@@ -16,14 +16,11 @@ class CredentialExpr extends Expr {
   }
 }
 
-class SensitiveLoggerConfiguration extends DataFlow::Configuration {
+/* A data-flow configuration for identifying potentially-sensitive data flowing to a log output. */
+class SensitiveLoggerConfiguration extends TaintTracking::Configuration {
   SensitiveLoggerConfiguration() { this = "SensitiveLoggerConfiguration" }
 
   override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr }
 
   override predicate isSink(DataFlow::Node sink) { sinkNode(sink, "logging") }
-
-  override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-    TaintTracking::localTaintStep(node1, node2)
-  }
 }
