hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Removing all usage of single quotes

Browse Source
This commit is contained in:
Raul Garcia
2018-09-25 10:50:34 -07:00
parent a566ffae4a
commit d6d27df27b
3 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.qhelp
View File

@@ -4,7 +4,7 @@
<qhelp>
<overview>
<p>This query indicates that a call is setting the <code>SECURITY_DESCRIPTOR</code>'s DACL field to null.</p>
<p>This query indicates that a call is setting the DACL field in a <code>SECURITY_DESCRIPTOR</code> to null.</p>
<p>When using <code>SetSecurityDescriptorDacl</code> to set a discretionary access control (DACL), setting the <code>bDaclPresent</code> argument to <code>TRUE</code> indicates the prescence of a DACL in the security description in the argument <code>pDacl</code>.</p>
<p>When the <code>pDacl</code> parameter does not point to a DACL (i.e. it is <code>NULL</code>) and the <code>bDaclPresent</code> flag is <code>TRUE</code>, a <code>NULL DACL</code> is specified.</p>
<p>A <code>NULL DACL</code> grants full access to any user who requests it; normal security checking is not performed with respect to the object.</p>

8
cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql
View File

@@ -1,6 +1,6 @@
/**
* @name Setting a SECURITY_DESCRIPTOR's DACL to NULL
* @description Setting a SECURITY_DESCRIPTOR's DACL to NULL will result in an unprotected object.
* @name Setting a DACL to NULL in a SECURITY_DESCRIPTOR
* @description Setting a DACL to NULL in a SECURITY_DESCRIPTOR will result in an unprotected object.
* If the DACL that belongs to the security descriptor of an object is set to NULL, a null DACL is created.
* A null DACL grants full access to any user who requests it;
* normal security checking is not performed with respect to the object.
@@ -53,14 +53,14 @@ from SetSecurityDescriptorDaclFunctionCall call, string message
where exists
(
NullValue nullExpr |
message = "Setting a SECURITY_DESCRIPTOR's DACL to NULL will result in an unprotected object." |
message = "Setting a DACL to NULL in a SECURITY_DESCRIPTOR will result in an unprotected object." |
call.getArgument(1).getValue().toInt() != 0
and call.getArgument(2) = nullExpr
) or exists
(
Expr constassign, VariableAccess var,
SetSecurityDescriptorDaclFunctionConfiguration config |
message = "Setting a SECURITY_DESCRIPTOR's DACL using variable " + var + " that is set to NULL will result in an unprotected object." |
message = "Setting a DACL to NULL in a SECURITY_DESCRIPTOR using variable " + var + " that is set to NULL will result in an unprotected object." |
var = call.getArgument(2)
and config.hasFlow(DataFlow::exprNode(constassign), DataFlow::exprNode(var))
)

4
cpp/ql/test/query-tests/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.expected
View File

@@ -1,2 +1,2 @@
| UnsafeDaclSecurityDescriptor.cpp:70:9:70:33 | call to SetSecurityDescriptorDacl | Setting a SECURITY_DESCRIPTOR\u2019s DACL to NULL will result in an unprotected object. |
| UnsafeDaclSecurityDescriptor.cpp:76:9:76:33 | call to SetSecurityDescriptorDacl | Setting a SECURITY_DESCRIPTOR\u2019s DACL using variable pDacl that is set to NULL will result in an unprotected object. |
| UnsafeDaclSecurityDescriptor.cpp:70:9:70:33 | call to SetSecurityDescriptorDacl | Setting a DACL to NULL in a SECURITY_DESCRIPTOR will result in an unprotected object. |
| UnsafeDaclSecurityDescriptor.cpp:76:9:76:33 | call to SetSecurityDescriptorDacl | Setting a DACL to NULL in a SECURITY_DESCRIPTOR using variable pDacl that is set to NULL will result in an unprotected object. |