hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Simplify the query slightly.

Browse Source
This commit is contained in:
Geoffrey White
2022-12-07 15:35:45 +00:00
parent b3d838d678
commit 4b8575bfc3
1 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql
View File

@@ -60,12 +60,11 @@ class ToBufferConfiguration extends TaintTracking::Configuration {
from
ToBufferConfiguration config, SensitiveBufferWrite w, DataFlow::PathNode sourceNode,
DataFlow::PathNode sinkNode, FlowSource source, SensitiveExpr dest
DataFlow::PathNode sinkNode, FlowSource source
where
config.hasFlowPath(sourceNode, sinkNode) and
sourceNode.getNode() = source and
w.getASource() = sinkNode.getNode().asExpr() and
dest = w.getDest()
w.getASource() = sinkNode.getNode().asExpr()
select w, sourceNode, sinkNode,
"This write into buffer '" + dest.toString() + "' may contain unencrypted data from $@.", source,
"user input (" + source.getSourceType() + ")"
"This write into buffer '" + w.getDest().toString() + "' may contain unencrypted data from $@.",
source, "user input (" + source.getSourceType() + ")"