Merge pull request #7149 from geoffw0/non-https-url2

C++: Minor improvements to 'Failure to use HTTPS URLs' query
2026-05-05 05:35:13 +02:00 · 2021-11-17 10:05:30 +00:00
parent 474c808373 ea9640a39d
commit d232283647
1 changed files with 6 additions and 1 deletions
--- a/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql
+++ b/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql
@@ -7,6 +7,7 @@
 * @id cpp/non-https-url
 * @tags security
 *       external/cwe/cwe-319
+ *       external/cwe/cwe-345
 */

 import cpp
@@ -61,7 +62,11 @@ class HttpStringToUrlOpenConfig extends TaintTracking::Configuration {
    // accessed as a URL, for example using it in a network access. Some
    // URLs are only ever displayed or used for data processing.
    exists(FunctionCall fc |
-      fc.getTarget().hasGlobalOrStdName(["system", "gethostbyname", "getaddrinfo"]) and
+      fc.getTarget()
+          .hasGlobalOrStdName([
+              "system", "gethostbyname", "gethostbyname2", "gethostbyname_r", "getaddrinfo",
+              "X509_load_http", "X509_CRL_load_http"
+            ]) and
      sink.asExpr() = fc.getArgument(0)
      or
      fc.getTarget().hasGlobalOrStdName(["send", "URLDownloadToFile", "URLDownloadToCacheFile"]) and