hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
thanks

Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
This commit is contained in:
ihsinme
2021-10-28 09:46:26 +03:00
committed by GitHub
parent 8a1d271328
commit 04ee78aecf
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql
View File

@@ -41,11 +41,13 @@ predicate numberArgumentWrite(Function f, int apos) {
from FunctionCall fc
where
// a file is opened
(
fc.getTarget().hasGlobalOrStdName("fopen") or
fc.getTarget().hasGlobalOrStdName("open")
) and
fc.getNumberOfArguments() = 2 and
// the file is used for writing (but not reading)
exists(FunctionCall fctmp, int i |
numberArgumentWrite(fctmp.getTarget(), i) and
globalValueNumber(fc) = globalValueNumber(fctmp.getArgument(i))
@@ -54,6 +56,7 @@ where
numberArgumentRead(fctmp.getTarget(), i) and
globalValueNumber(fc) = globalValueNumber(fctmp.getArgument(i))
) and
// a file creation mode is not set globally by `umask` anywhere in the program
not exists(FunctionCall fctmp |
fctmp.getTarget().hasGlobalOrStdName("umask") or
fctmp.getTarget().hasGlobalOrStdName("fchmod") or