Remove CSV data from query

joefarebrother · aschackmull · web-flow · commit bd4a414abdc0 · 2021-03-09T10:50:15.000Z
Co-authored-by: Anders Schack-Mulligen &lt;aschackmull@users.noreply.github.com&gt;
diff --git a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql
@@ -22,13 +22,6 @@ class URLConstructor extends ClassInstanceExpr {
   }
 }
 
-class URLOpenStreamCsv extends SinkModelCsv {
-  override predicate row(string row) {
-    //"package;type;overrides;name;signature;ext;inputspec;kind",
-    row = "java.net;URL;true;openStream;();;Argument[-1];url-open-stream"
-  }
-}
-
 class URLOpenStreamMethod extends Method {
   URLOpenStreamMethod() {
     this.getDeclaringType() instanceof TypeUrl and
@@ -41,7 +34,13 @@ class RemoteURLToOpenStreamFlowConfig extends TaintTracking::Configuration {
 
   override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
-  override predicate isSink(DataFlow::Node sink) { sinkNode(sink, "url-open-stream") }
+  override predicate isSink(DataFlow::Node sink) {
+    exists(MethodAccess m |
+      sink.asExpr() = m.getQualifier() and m.getMethod() instanceof URLOpenStreamMethod
+    )
+    or
+    sinkNode(sink, "url-open-stream")
+  }
 
   override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
     exists(URLConstructor u |
