Address review comments

2026-05-01 11:45:14 +02:00 · 2022-02-03 12:09:18 +01:00
parent 4d03082f16
commit 0b9b6d7b98
3 changed files with 11 additions and 3 deletions
--- a/cpp/ql/lib/change-notes/2022-02-02-detect-creat-in-openat.md
+++ b/cpp/ql/lib/change-notes/2022-02-02-detect-creat-in-openat.md
@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* he `cpp/world-writable-file-creation` query now only detects `open` and `openat` calls with the `O_CREAT` or `O_TMPFILE` flag.
+* The `cpp/world-writable-file-creation` query now only detects `open` and `openat` calls with the `O_CREAT` or `O_TMPFILE` flag.
--- a/cpp/ql/lib/semmle/code/cpp/commons/unix/Constants.qll
+++ b/cpp/ql/lib/semmle/code/cpp/commons/unix/Constants.qll
@@ -13,7 +13,7 @@ bindingset[input]
 int parseOctal(string input) {
  input.regexpMatch("0[0-7]+") and
  result =
-    sum(int ix |
+    strictsum(int ix |
      ix in [1 .. input.length()]
    |
      8.pow(input.length() - (ix + 1)) * input.charAt(ix).toInt()
--- a/cpp/ql/src/Security/CWE/CWE-732/FilePermissions.qll
+++ b/cpp/ql/src/Security/CWE/CWE-732/FilePermissions.qll
@@ -6,7 +6,7 @@ int parseHex(string input) {
  exists(string lowerCaseInput | lowerCaseInput = input.toLowerCase() |
    lowerCaseInput.regexpMatch("0x[0-9a-f]+") and
    result =
-      sum(int ix |
+      strictsum(int ix |
        ix in [2 .. input.length()]
      |
        16.pow(input.length() - (ix + 1)) * "0123456789abcdef".indexOf(lowerCaseInput.charAt(ix))
@@ -14,6 +14,10 @@ int parseHex(string input) {
  )
 }

+/**
+ * Gets the value defined by the `O_CREAT` macro if the macro
+ * exists and if every definition defines the same value.
+ */
 int o_creat() {
  result =
    unique(int v |
@@ -23,6 +27,10 @@ int o_creat() {
    )
 }

+/**
+ * Gets the value defined by the `O_TMPFILE` macro if the macro
+ * exists and if every definition defines the same value.
+ */
 int o_tmpfile() {
  result =
    unique(int v |