Fix UnicodeDoS vulnerability in CWE-770 code

2025-12-21 03:06:31 +01:00 · 2024-03-12 21:09:10 +00:00
parent 085d803b14
commit af19a0342e
1 changed files with 7 additions and 7 deletions
--- a/python/ql/src/experimental/Security/CWE-770/UnicodeDoS.ql
+++ b/python/ql/src/experimental/Security/CWE-770/UnicodeDoS.ql
@@ -61,15 +61,15 @@ predicate underAValue(DataFlow::GuardNode g, ControlFlowNode node, boolean branc
        branch = true and
        cn.operands(_, op_gt, n.asCfgNode())
        or
-        // not arg <= LIMIT OR not arg < LIMIT
-        (op_lt = any(LtE lte) or op_lt = any(Lt lt)) and
-        branch = false and
-        cn.operands(n.asCfgNode(), op_lt, _)
-        or
-        // not LIMIT >= arg OR not LIMIT > arg
+        // not arg >= LIMIT OR not arg > LIMIT
        (op_gt = any(GtE gte) or op_gt = any(Gt gt)) and
        branch = false and
-        cn.operands(_, op_gt, n.asCfgNode())
+        cn.operands(n.asCfgNode(), op_gt, _)
+        or
+        // not LIMIT <= arg OR not LIMIT < arg
+        (op_lt = any(LtE lte) or op_lt = any(Lt lt)) and
+        branch = false and
+        cn.operands(_, op_lt, n.asCfgNode())
      )
    |
      lenCall = API::builtin("len").getACall() and