Skip to content

Commit 7c8119a

Browse files
committed
Rename MethodCall ma to mc
1 parent fa5bd75 commit 7c8119a

File tree

1 file changed

+13
-13
lines changed

1 file changed

+13
-13
lines changed

java/ql/lib/semmle/code/java/security/LogInjection.qll

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -45,11 +45,11 @@ private class LineBreaksLogInjectionSanitizer extends LogInjectionSanitizer {
4545
}
4646

4747
private predicate stringMethodCall(
48-
MethodCall ma, CompileTimeConstantExpr arg0, CompileTimeConstantExpr arg1
48+
MethodCall mc, CompileTimeConstantExpr arg0, CompileTimeConstantExpr arg1
4949
) {
50-
ma.getMethod().getDeclaringType() instanceof TypeString and
51-
arg0 = ma.getArgument(0) and
52-
arg1 = ma.getArgument(1)
50+
mc.getMethod().getDeclaringType() instanceof TypeString and
51+
arg0 = mc.getArgument(0) and
52+
arg1 = mc.getArgument(1)
5353
}
5454

5555
private predicate stringMethodArgument(CompileTimeConstantExpr arg) {
@@ -68,19 +68,19 @@ private predicate stringMethodArgumentValueMatches(CompileTimeConstantExpr const
6868
* breaks from it.
6969
*/
7070
private predicate logInjectionSanitizer(Expr e) {
71-
exists(MethodCall ma, CompileTimeConstantExpr target, CompileTimeConstantExpr replacement |
72-
e = ma and
73-
stringMethodCall(ma, target, replacement) and
71+
exists(MethodCall mc, CompileTimeConstantExpr target, CompileTimeConstantExpr replacement |
72+
e = mc and
73+
stringMethodCall(mc, target, replacement) and
7474
not stringMethodArgumentValueMatches(replacement, ["%\n%", "%\r%"])
7575
|
76-
ma.getMethod().hasName("replace") and
76+
mc.getMethod().hasName("replace") and
7777
not replacement.getIntValue() = [10, 13] and
7878
(
7979
target.getIntValue() = [10, 13] or // 10 == '\n', 13 == '\r'
8080
target.getStringValue() = ["\n", "\r"]
8181
)
8282
or
83-
ma.getMethod().hasName("replaceAll") and
83+
mc.getMethod().hasName("replaceAll") and
8484
(
8585
// Replace anything not in an allow list
8686
target.getStringValue().matches("[^%]") and
@@ -104,10 +104,10 @@ private predicate logInjectionSanitizer(Expr e) {
104104
* by checking if there are line breaks in `e`.
105105
*/
106106
private predicate logInjectionGuard(Guard g, Expr e, boolean branch) {
107-
exists(MethodCall ma | ma = g |
108-
ma.getMethod() instanceof StringContainsMethod and
109-
ma.getArgument(0).(CompileTimeConstantExpr).getStringValue() = ["\n", "\r"] and
110-
e = ma.getQualifier() and
107+
exists(MethodCall mc | mc = g |
108+
mc.getMethod() instanceof StringContainsMethod and
109+
mc.getArgument(0).(CompileTimeConstantExpr).getStringValue() = ["\n", "\r"] and
110+
e = mc.getQualifier() and
111111
branch = false
112112
)
113113
or

0 commit comments

Comments
 (0)