C++: Move the weird global property 'not sqlite_encryption_used()' from the sink definition to the source definition. The dataflow library starts tracking flow from the sources, so it's better to rule out the entire database in the source definition than in the sink definition.

Mathias Vorreiter Pedersen
2023-03-09 14:15:29 +00:00
parent 7819a7d2bc
commit 03ba7ea851


@@ -102,13 +102,12 @@ predicate isSinkImpl(DataFlow::Node sink, SqliteFunctionCall c, Type t) {
* A taint flow configuration for flow from a sensitive expression to a `SqliteFunctionCall` sink.
*/
module FromSensitiveConfiguration implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { isSourceImpl(source, _) }
predicate isSink(DataFlow::Node sink) {
isSinkImpl(sink, _, _) and
not sqlite_encryption_used()
predicate isSource(DataFlow::Node source) {
isSourceImpl(source, _) and not sqlite_encryption_used()
}
predicate isSink(DataFlow::Node sink) { isSinkImpl(sink, _, _) }
predicate isBarrier(DataFlow::Node node) {
node.asExpr().getUnspecifiedType() instanceof IntegralType
}
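Review bot: The `not sqlite_encryption_used()` conjunct in the new `isSource` takes no arguments, so it is a global switch rather than a property of `source`, and nothing in the code says so. As far as the hunk and the commit message show, any use of SQLite encryption in the analysed code removes every source and therefore every result. That can hide a cleartext write to a second, unencrypted SQLite database in the same codebase. I would add a comment above the conjunct, for example `// Global check, independent of source: if SQLite encryption is used anywhere in the analysed code, no sources are reported.`, and note the same limitation in the module's QLDoc so that users of the query know when it stays silent.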