Delete cve-2017-5123.ql

2026-04-29 10:45:15 +02:00 · 2022-03-26 22:42:59 +08:00
parent d4c7314484
commit 64863d493b
1 changed files with 0 additions and 49 deletions
--- a/cpp/ql/src/experimental/Security/CVE/cve-2017-5123.ql
+++ b/cpp/ql/src/experimental/Security/CVE/cve-2017-5123.ql
@@ -1,49 +0,0 @@
-import cpp
-import semmle.code.cpp.dataflow.DataFlow
-
-
-class WrtieAccessCheckMacro extends Macro{
-    VariableAccess va;
-    WrtieAccessCheckMacro(){
-        this.getName() = ["user_write_access_begin", 
-                          "user_access_begin"] 
-        and
-        va.getEnclosingElement() = this.getAnInvocation().getAnExpandedElement()
-    }
-
-    VariableAccess getArgument(){
-        result = va
-    }
-}
-
-
-class UnSafePutUserMacro extends Macro{
-    PointerDereferenceExpr writeUserPtr;
-    
-    UnSafePutUserMacro(){
-        this.getName() = "unsafe_put_user" and 
-        writeUserPtr.getEnclosingElement() = this.getAnInvocation().getAnExpandedElement()
-    }
-
-    Expr getUserModePtr(){
-        result = writeUserPtr.getOperand().(AddressOfExpr).getOperand().(FieldAccess).getQualifier()
-    }
-}
-
-class ExploitableUserModePtrParam extends Parameter{
-    ExploitableUserModePtrParam(){
-        not exists(WrtieAccessCheckMacro  writeAccessCheck| 
-            DataFlow::localFlow(DataFlow::parameterNode(this), DataFlow::exprNode(writeAccessCheck.getArgument()))
-        )
-    }
-}
-
-
-from ExploitableUserModePtrParam p,  UnSafePutUserMacro unsafePutUser
-where
-    DataFlow::localFlow(DataFlow::parameterNode(p), DataFlow::exprNode(unsafePutUser.getUserModePtr()))
-select
-    p, unsafePutUser, "potential wrtie user mode ptr without check."
-
-
-