Mark ActivateModels subclasses overlay[local?]

kaspersv · kaspersv · commit ef2d481e7c04 · 2025-06-18T13:54:44.000+02:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql
@@ -22,6 +22,7 @@ import semmle.code.java.dataflow.ExternalFlow
 private import semmle.code.java.security.Sanitizers
 import Log4jInjectionFlow::PathGraph
 
+overlay[local?]
 deprecated private class ActivateModels extends ActiveExperimentalModels {
   ActivateModels() { this = "log4j-injection" }
 }
diff --git a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql
@@ -17,6 +17,7 @@ import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.dataflow.ExternalFlow
 import RemoteUrlToOpenStreamFlow::PathGraph
 
+overlay[local?]
 deprecated private class ActivateModels extends ActiveExperimentalModels {
   ActivateModels() { this = "openstream-called-on-tainted-url" }
 }
diff --git a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql
@@ -22,6 +22,7 @@ import semmle.code.java.security.PathSanitizer
 private import semmle.code.java.security.Sanitizers
 import InjectFilePathFlow::PathGraph
 
+overlay[local?]
 deprecated private class ActivateModels extends ActiveExperimentalModels {
   ActivateModels() { this = "file-path-injection" }
 }
diff --git a/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql b/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql
@@ -18,6 +18,7 @@ import semmle.code.java.security.CommandLineQuery
 import InputToArgumentToExecFlow::PathGraph
 private import semmle.code.java.dataflow.ExternalFlow
 
+overlay[local?]
 deprecated private class ActivateModels extends ActiveExperimentalModels {
   ActivateModels() { this = "jsch-os-injection" }
 }
diff --git a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll
@@ -7,6 +7,7 @@ private import semmle.code.java.dataflow.ExternalFlow
 private import semmle.code.java.dataflow.FlowSteps
 private import semmle.code.java.frameworks.android.WebView
 
+overlay[local?]
 private class ActivateModels extends ActiveExperimentalModels {
   ActivateModels() { this = "android-web-resource-response" }
 }
diff --git a/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll b/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll
@@ -8,6 +8,7 @@ import semmle.code.java.arithmetic.Overflow
 import semmle.code.java.dataflow.FlowSteps
 import semmle.code.java.controlflow.Guards
 
+overlay[local?]
 private class ActivateModels extends ActiveExperimentalModels {
   ActivateModels() { this = "thread-resource-abuse" }
 }
diff --git a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll
@@ -9,6 +9,7 @@ import semmle.code.java.controlflow.Guards
 import semmle.code.java.security.UrlRedirect
 import Regex
 
+overlay[local?]
 private class ActivateModels extends ActiveExperimentalModels {
   ActivateModels() { this = "permissive-dot-regex-query" }
 }

Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@ import semmle.code.java.dataflow.ExternalFlow`
`22`	`22`	`private import semmle.code.java.security.Sanitizers`
`23`	`23`	`import Log4jInjectionFlow::PathGraph`
`24`	`24`
	`25`	`+overlay[local?]`
`25`	`26`	`deprecated private class ActivateModels extends ActiveExperimentalModels {`
`26`	`27`	`ActivateModels() { this = "log4j-injection" }`
`27`	`28`	`}`
Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,7 @@ import semmle.code.java.dataflow.FlowSources`
`17`	`17`	`import semmle.code.java.dataflow.ExternalFlow`
`18`	`18`	`import RemoteUrlToOpenStreamFlow::PathGraph`
`19`	`19`
	`20`	`+overlay[local?]`
`20`	`21`	`deprecated private class ActivateModels extends ActiveExperimentalModels {`
`21`	`22`	`ActivateModels() { this = "openstream-called-on-tainted-url" }`
`22`	`23`	`}`
Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,7 @@ import semmle.code.java.security.CommandLineQuery`
`18`	`18`	`import InputToArgumentToExecFlow::PathGraph`
`19`	`19`	`private import semmle.code.java.dataflow.ExternalFlow`
`20`	`20`
	`21`	`+overlay[local?]`
`21`	`22`	`deprecated private class ActivateModels extends ActiveExperimentalModels {`
`22`	`23`	`ActivateModels() { this = "jsch-os-injection" }`
`23`	`24`	`}`
Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ private import semmle.code.java.dataflow.ExternalFlow`
`7`	`7`	`private import semmle.code.java.dataflow.FlowSteps`
`8`	`8`	`private import semmle.code.java.frameworks.android.WebView`
`9`	`9`
	`10`	`+overlay[local?]`
`10`	`11`	`private class ActivateModels extends ActiveExperimentalModels {`
`11`	`12`	`ActivateModels() { this = "android-web-resource-response" }`
`12`	`13`	`}`
Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@ import semmle.code.java.arithmetic.Overflow`
`8`	`8`	`import semmle.code.java.dataflow.FlowSteps`
`9`	`9`	`import semmle.code.java.controlflow.Guards`
`10`	`10`
	`11`	`+overlay[local?]`
`11`	`12`	`private class ActivateModels extends ActiveExperimentalModels {`
`12`	`13`	`ActivateModels() { this = "thread-resource-abuse" }`
`13`	`14`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,6 +9,7 @@ import semmle.code.java.controlflow.Guards`
`9`	`9`	`import semmle.code.java.security.UrlRedirect`
`10`	`10`	`import Regex`
`11`	`11`
	`12`	`+overlay[local?]`
`12`	`13`	`private class ActivateModels extends ActiveExperimentalModels {`
`13`	`14`	`ActivateModels() { this = "permissive-dot-regex-query" }`
`14`	`15`	`}`