hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 12:45:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into unsigneddiff2

Browse Source
This commit is contained in:
Geoffrey White
2021-05-07 16:35:16 +01:00
parent 69468514f0 10e76ff28f
commit 75edcf0b4f
907 changed files with 29906 additions and 8295 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cpp/ql/src/Security/CWE/CWE-190/IntegerOverflowTainted.ql
View File

@@ -28,6 +28,7 @@ predicate outOfBoundsExpr(Expr expr, string kind) {
from Expr use, Expr origin, string kind
where
not use.getUnspecifiedType() instanceof PointerType and
outOfBoundsExpr(use, kind) and
tainted(origin, use) and
origin != use and

2
cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql
View File

@@ -93,7 +93,7 @@ class QuotedCommandInCreateProcessFunctionConfiguration extends DataFlow2::Confi
bindingset[s]
predicate isQuotedOrNoSpaceApplicationNameOnCmd(string s) {
s.regexpMatch("\"([^\"])*\"(\\s|.)*") // The first element (path) is quoted
s.regexpMatch("\"([^\"])*\"[\\s\\S]*") // The first element (path) is quoted
or
s.regexpMatch("[^\\s]+") // There are no spaces in the string
}