hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 13:45:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Exclude macros that don't generate anything.

Browse Source
This commit is contained in:
Geoffrey White
2021-05-12 14:51:47 +01:00
parent b6d5f7c315
commit 9404d0676d
3 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql
View File

@@ -23,7 +23,10 @@ Function getAnInsecureFunction() {
} }
class InsecureFunctionCall extends InsecureCryptoSpec, FunctionCall { class InsecureFunctionCall extends InsecureCryptoSpec, FunctionCall {
InsecureFunctionCall() { this.getTarget() = getAnInsecureFunction() } InsecureFunctionCall() {
// the function name suggests it relates to an insecure crypto algorithm.
this.getTarget() = getAnInsecureFunction()
}
override string description() { result = "function call" } override string description() { result = "function call" }
@@ -38,7 +41,12 @@ Macro getAnInsecureMacro() {
} }
class InsecureMacroSpec extends InsecureCryptoSpec, MacroInvocation { class InsecureMacroSpec extends InsecureCryptoSpec, MacroInvocation {
InsecureMacroSpec() { this.getMacro() = getAnInsecureMacro() } InsecureMacroSpec() {
// the macro name suggests it relates to an insecure crypto algorithm.
this.getMacro() = getAnInsecureMacro() and
// the macro invocation generates something.
exists(this.getAGeneratedElement())
}
override string description() { result = "macro invocation" } override string description() { result = "macro invocation" }

1
cpp/ql/test/query-tests/Security/CWE/CWE-327/BrokenCryptoAlgorithm.expected
View File

@@ -10,7 +10,6 @@
| test.cpp:38:2:38:31 | ENCRYPT_WITH_DES(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. | | test.cpp:38:2:38:31 | ENCRYPT_WITH_DES(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
| test.cpp:39:2:39:31 | ENCRYPT_WITH_RC2(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. | | test.cpp:39:2:39:31 | ENCRYPT_WITH_RC2(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
| test.cpp:42:2:42:38 | ENCRYPT_WITH_TRIPLE_DES(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. | | test.cpp:42:2:42:38 | ENCRYPT_WITH_TRIPLE_DES(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
| test.cpp:44:2:44:39 | ENCRYPT_WITH_DES_REMOVED(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
| test.cpp:51:2:51:32 | DES_DO_ENCRYPTION(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. | | test.cpp:51:2:51:32 | DES_DO_ENCRYPTION(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
| test.cpp:52:2:52:31 | RUN_DES_ENCODING(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. | | test.cpp:52:2:52:31 | RUN_DES_ENCODING(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
| test.cpp:53:2:53:25 | DES_ENCODE(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. | | test.cpp:53:2:53:25 | DES_ENCODE(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |

2
cpp/ql/test/query-tests/Security/CWE/CWE-327/test.cpp
View File

@@ -41,7 +41,7 @@ void test_macros(void *data, size_t amount, const char *str)
ENCRYPT_WITH_3DES(data, amount); // GOOD (good enough algorithm) ENCRYPT_WITH_3DES(data, amount); // GOOD (good enough algorithm)
ENCRYPT_WITH_TRIPLE_DES(data, amount); // GOOD (good enough algorithm) [FALSE POSITIVE] ENCRYPT_WITH_TRIPLE_DES(data, amount); // GOOD (good enough algorithm) [FALSE POSITIVE]
ENCRYPT_WITH_RC20(data, amount); // GOOD (if there ever is an RC20 algorithm, we have no reason to believe it's weak) ENCRYPT_WITH_RC20(data, amount); // GOOD (if there ever is an RC20 algorithm, we have no reason to believe it's weak)
ENCRYPT_WITH_DES_REMOVED(data, amount); // GOOD (implementation has been deleted) [FALSE POSITIVE] ENCRYPT_WITH_DES_REMOVED(data, amount); // GOOD (implementation has been deleted)
DESENCRYPT(data, amount); // BAD [NOT DETECTED] DESENCRYPT(data, amount); // BAD [NOT DETECTED]
RC2ENCRYPT(data, amount); // BAD [NOT DETECTED] RC2ENCRYPT(data, amount); // BAD [NOT DETECTED]