hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7630 from JarLob/patch-2

Browse Source 
C++: Reduce FPs in IncorrectPrivilegeAssignment.ql
This commit is contained in:
Mathias Vorreiter Pedersen
2022-01-19 09:49:43 +00:00
committed by GitHub
parent 55f787bcae a1b0315d90
commit bdfde88e99
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
View File

@@ -53,7 +53,15 @@ where
fctmp.getTarget().hasGlobalOrStdName("fopen") or
fctmp.getTarget().hasGlobalOrStdName("open")
) and
not fctmp.getArgument(1).getValue().matches("r%") and
(
fctmp.getArgument(1).getValue().matches("%a%") or
fctmp.getArgument(1).getValue().matches("%w%") or
// unfortunately cannot use numeric value here because // O_CREAT is defined differently on different OSes:
// https://github.com/red/red/blob/92feb0c0d5f91e087ab35fface6906afbf99b603/runtime/definitions.reds#L477-L491
// this may introduce false negatives
fctmp.getArgument(1).(BitwiseOrExpr).getAChild*().getValueText().matches("O_CREAT") or
fctmp.getArgument(1).getValueText().matches("%O_CREAT%")
) and
fctmp.getNumberOfArguments() = 2 and
not fctmp.getArgument(0).getValue() = "/dev/null" and
fcsnd = fctmp