hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 12:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b94ade3bddac525df55df576772592805b45a42b
codeql/cpp/ql/lib/semmle/code/cpp/security/PrivateData.qll
Geoffrey White b94ade3bdd C++: Improve the regexps.
2022-03-29 10:03:58 +01:00

68 lines
2.2 KiB
Plaintext
Raw Blame History

/**
* Provides classes for heuristically identifying variables and functions that
* might contain or return sensitive private data.
*
* 'Private' data in general is anything that would compromise user privacy if
* exposed. This library tries to guess where private data may either be stored
* in a variable or returned by a function call.
*
* This library is not concerned with credentials. See `SensitiveExprs.qll` for
* expressions related to credentials.
*/
import cpp
/**
* A string for `regexpMatch` that identifies strings that look like they
* represent private data.
*/
private string privateNames() {
result =
".*(" +
// Inspired by the list on https://cwe.mitre.org/data/definitions/359.html
// Government identifiers, such as Social Security Numbers
"social.?security|" +
// Contact information, such as home addresses and telephone numbers
"post.?code|zip.?code|telephone|" +
// Geographic location - where the user is (or was)
"latitude|longitude|" +
// Financial data - such as credit card numbers, salary, bank accounts, and debts
"credit.?card|salary|bank.?account|" +
// Communications - e-mail addresses, private e-mail messages, SMS text messages, chat logs, etc.
"email|mobile|employer|" +
// Health - medical conditions, insurance status, prescription records
"medical" +
// ---
").*"
}
/**
* A variable that might contain sensitive private information.
*/
class PrivateDataVariable extends Variable {
PrivateDataVariable() {
this.getName().toLowerCase().regexpMatch(privateNames()) and
not this.getUnspecifiedType() instanceof IntegralType
}
}
/**
* A function that might return sensitive private information.
*/
class PrivateDataFunction extends Function {
PrivateDataFunction() {
this.getName().toLowerCase().regexpMatch(privateNames()) and
not this.getUnspecifiedType() instanceof IntegralType
}
}
/**
* An expression whose value might be sensitive private information.
*/
class PrivateDataExpr extends Expr {
PrivateDataExpr() {
this.(VariableAccess).getTarget() instanceof PrivateDataVariable or
this.(FunctionCall).getTarget() instanceof PrivateDataFunction
}
}
Reference in New Issue View Git Blame Copy Permalink