hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Better deduplication.

Browse Source
This commit is contained in:
Geoffrey White
2022-02-15 17:52:27 +00:00
parent c4d9c1d9e7
commit 703f18b82f
2 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cpp/ql/src/Security/CWE/CWE-497/ExposedSystemData.ql
View File

@@ -296,12 +296,17 @@ class ExposedSystemDataConfiguration extends TaintTracking::Configuration {
exists(FunctionCall fc, FunctionInput input, int arg |
fc.getTarget().(RemoteFlowSinkFunction).hasRemoteFlowSink(input, _) and
input.isParameterDeref(arg) and
fc.getArgument(arg).getFullyConverted() = sink.asConvertedExpr()
fc.getArgument(arg) = sink.asExpr()
)
}
}
from ExposedSystemDataConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
and not exists(DataFlow::Node alt | // remove duplicate results on conversions
config.hasFlow(source.getNode(), alt) and
alt.asConvertedExpr() = sink.getNode().asExpr() and
alt != sink.getNode()
)
select sink, source, sink, "This operation exposes system data from $@.", source,
source.getNode().toString()