Replace Unicode apostrophe with ANSI single quote

Raul Garcia
2018-09-21 11:34:22 -07:00
parent 5ccc1a32aa
commit 75ef377ac1
3 changed files with 9 additions and 6 deletions

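--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,6 @@
 /.vs/ql/v15/Browse.VC.opendb
 /.vs/ql/v15/Browse.VC.db
 /.vs/ProjectSettings.json
+/.vs/ql5/v15/Browse.VC.opendb
+/.vs/ql5/v15/Browse.VC.db
+/.vs/ql5/v15/.suo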


@@ -1,6 +1,6 @@
/** /**
* @name Setting a SECURITY_DESCRIPTOR<EFBFBD>s DACL to NULL * @name Setting a SECURITY_DESCRIPTOR's DACL to NULL
* @description Setting a SECURITY_DESCRIPTOR<EFBFBD>s DACL to NULL will result in an unprotected object. * @description Setting a SECURITY_DESCRIPTOR's DACL to NULL will result in an unprotected object.
* If the DACL that belongs to the security descriptor of an object is set to NULL, a null DACL is created. * If the DACL that belongs to the security descriptor of an object is set to NULL, a null DACL is created.
* A null DACL grants full access to any user who requests it; * A null DACL grants full access to any user who requests it;
* normal security checking is not performed with respect to the object. * normal security checking is not performed with respect to the object.
@@ -49,12 +49,12 @@ class SetSecurityDescriptorDaclFunctionConfiguration extends DataFlow::Configura
from SetSecurityDescriptorDaclFunctionCall call, string message from SetSecurityDescriptorDaclFunctionCall call, string message
where exists( NullValue nullExpr | where exists( NullValue nullExpr |
message = "Setting a SECURITY_DESCRIPTOR<EFBFBD>s DACL to NULL will result in an unprotected object." | message = "Setting a SECURITY_DESCRIPTOR's DACL to NULL will result in an unprotected object." |
call.getArgument(1).getValue().toInt() != 0 call.getArgument(1).getValue().toInt() != 0
and call.getArgument(2) = nullExpr and call.getArgument(2) = nullExpr
) or exists( Expr constassign, VariableAccess var, ) or exists( Expr constassign, VariableAccess var,
SetSecurityDescriptorDaclFunctionConfiguration config | SetSecurityDescriptorDaclFunctionConfiguration config |
message = "Setting a SECURITY_DESCRIPTOR<EFBFBD>s DACL using variable " + var + " that is set to NULL will result in an unprotected object." | message = "Setting a SECURITY_DESCRIPTOR's DACL using variable " + var + " that is set to NULL will result in an unprotected object." |
var = call.getArgument(2) var = call.getArgument(2)
and config.hasFlow(DataFlow::exprNode(constassign), DataFlow::exprNode(var)) and config.hasFlow(DataFlow::exprNode(constassign), DataFlow::exprNode(var))
) )
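Review bot: The two `exists` branches of the `where` clause apply different conditions: the literal-NULL branch requires `call.getArgument(1).getValue().toInt() != 0` (bDaclPresent), but the data-flow branch that reports `var` has no such test. SetSecurityDescriptorDacl is documented to ignore pDacl when bDaclPresent is FALSE, so in that case the second message would blame a variable the call does not actually use. Consider adding `and call.getArgument(1).getValue().toInt() != 0` after `var = call.getArgument(2)`, or a comment stating that the difference is intentional. The `select` clause and the body of `SetSecurityDescriptorDaclFunctionConfiguration` are outside this hunk, so any restriction applied there cannot be seen from here.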


@@ -1,2 +1,2 @@
| UnsafeDaclSecurityDescriptor.cpp:69:6:69:30 | call to SetSecurityDescriptorDacl | Setting a SECURITY_DESCRIPTOR\u2019s DACL to NULL will result in an unprotected object. | | UnsafeDaclSecurityDescriptor.cpp:69:6:69:30 | call to SetSecurityDescriptorDacl | Setting a SECURITY_DESCRIPTOR's DACL to NULL will result in an unprotected object. |
| UnsafeDaclSecurityDescriptor.cpp:75:6:75:30 | call to SetSecurityDescriptorDacl | Setting a SECURITY_DESCRIPTOR\u2019s DACL using variable pDacl that is set to NULL will result in an unprotected object. | | UnsafeDaclSecurityDescriptor.cpp:75:6:75:30 | call to SetSecurityDescriptorDacl | Setting a SECURITY_DESCRIPTOR's DACL using variable pDacl that is set to NULL will result in an unprotected object. |