C++: Correct and improve some comments and naming.

This commit is contained in:
Geoffrey White
2022-04-13 18:32:08 +01:00
parent 2ad81e63a5
commit 27b6b99cd0
2 changed files with 13 additions and 9 deletions


@@ -81,7 +81,9 @@ class XercesDOMParserFlowState extends XXEFlowState {
}
/**
* The qualifier of a call to `AbstractDOMParser.setDisableDefaultEntityResolution`.
* Flow state transformer for a call to
* `AbstractDOMParser.setDisableDefaultEntityResolution`. Transforms the flow
* state through the qualifier according to the setting in the parameter.
*/
class DisableDefaultEntityResolutionTranformer extends XXEFlowStateTranformer {
Expr newValue;
@@ -111,7 +113,9 @@ class DisableDefaultEntityResolutionTranformer extends XXEFlowStateTranformer {
}
/**
* The qualifier of a call to `AbstractDOMParser.setDisableDefaultEntityResolution`.
* Flow state transformer for a call to
* `AbstractDOMParser.setCreateEntityReferenceNodes`. Transforms the flow
* state through the qualifier according to the setting in the parameter.
*/
class CreateEntityReferenceNodesTranformer extends XXEFlowStateTranformer {
Expr newValue;
@@ -151,13 +155,13 @@ class ParseFunction extends Function {
}
/**
* Configuration for tracking Xerces library XML objects and their states.
* Configuration for tracking XML objects and their states.
*/
class XercesXXEConfiguration extends DataFlow::Configuration {
XercesXXEConfiguration() { this = "XercesXXEConfiguration" }
class XXEConfiguration extends DataFlow::Configuration {
XXEConfiguration() { this = "XXEConfiguration" }
override predicate isSource(DataFlow::Node node, string flowstate) {
// source is the write on `this` of a call to the XercesDOMParser
// source is the write on `this` of a call to the `XercesDOMParser`
// constructor.
exists(CallInstruction call |
call.getStaticCallTarget() = any(XercesDOMParserClass c).getAConstructor() and
@@ -192,7 +196,7 @@ class XercesXXEConfiguration extends DataFlow::Configuration {
}
}
from XercesXXEConfiguration conf, DataFlow::PathNode source, DataFlow::PathNode sink
from XXEConfiguration conf, DataFlow::PathNode source, DataFlow::PathNode sink
where conf.hasFlowPath(source, sink)
select sink, source, sink,
"This $@ is not configured to prevent an External Entity Expansion (XXE) attack.", source,
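Review bot: The renamed `XXEConfiguration` and its new comment `Configuration for tracking XML objects and their states.` now read as library-agnostic, yet `isSource` still only accepts a write from the `XercesDOMParserClass` constructor, so a reader would assume coverage the query does not have. Until other libraries are wired in, the comment should say so, e.g. `* Configuration for tracking XML objects and their states. Currently only Xerces parser objects are recognised as sources.`; the rest of `isSource` and the class body continue outside the hunk. Since this commit is about naming, the context-line class names `DisableDefaultEntityResolutionTranformer`, `CreateEntityReferenceNodesTranformer` and their base `XXEFlowStateTranformer` are also worth a look: each is missing the "s" in "Transformer", and fixing them in the same sweep (or a follow-up) would avoid a second rename later.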


@@ -11,8 +11,8 @@ class AbstractDOMParser {
public:
AbstractDOMParser();
void setDisableDefaultEntityResolution(bool); // default is false (bad)
void setCreateEntityReferenceNodes(bool); // default is true (good)
void setDisableDefaultEntityResolution(bool); // default is false
void setCreateEntityReferenceNodes(bool); // default is true
void setSecurityManager(SecurityManager *const manager);
void parse(const InputSource &data);
};
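Review bot: Dropping the `(bad)`/`(good)` tags from the two setter comments removes the only hint that these defaults are the security-relevant starting point rather than incidental API trivia, and a reader of this stub has no other context for why they are recorded at all. The flow-state transformers in the query apparently derive the state from the argument passed to each setter, so the defaults presumably define the state before any setter is called; a one-line header comment would preserve that without re-introducing the judgement words, e.g. `// Stub of the Xerces AbstractDOMParser API used by the XXE tests; the defaults noted below are the library's, and the query's initial flow state is expected to match them.` The rest of this stub header is outside the hunk.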