hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add GVN.

Browse Source
This commit is contained in:
Geoffrey White
2022-02-24 16:42:37 +00:00
parent 0bb9a95563
commit 899ae90ba4
3 changed files with 3 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql
View File

@@ -12,6 +12,7 @@
import cpp
import semmle.code.cpp.dataflow.TaintTracking
import semmle.code.cpp.valuenumbering.GlobalValueNumbering
import DataFlow::PathGraph
/**
@@ -61,7 +62,7 @@ class HttpStringToUrlOpenConfig extends TaintTracking::Configuration {
// block taint starting at `strstr`, which is likely testing an existing URL, rather than constructing an HTTP URL.
not exists(FunctionCall fc |
fc.getTarget().getName() = ["strstr", "strcasestr"] and
fc.getAnArgument() = src.asExpr()
fc.getArgument(1) = globalValueNumber(src.asExpr()).getAnExpr()
)
}