This PR separates the core cpp packs into `codeql/cpp-queries` and `codeql/cpp-all`. There are very few lines of code changed. Almost all changes are moving files around.
/**
* Reading from the environment, for example with 'getenv'.
*/
import cpp
/**
 * An expression that reads from an environment variable.
 *
 * Concretely, this is a call to one of the `getenv`-family functions
 * recognised by `readsEnvironment`. The environment is controlled by
 * whoever launches the process, so such reads are typically modelled
 * as sources of untrusted input.
 */
class EnvironmentRead extends Expr {
  EnvironmentRead() { readsEnvironment(this, _) }

  /**
   * Gets the name of the environment variable that is read.
   *
   * Only holds when the variable name is supplied as a text literal. A call
   * whose first argument is computed at runtime has no result here, so a
   * query must not assume every `EnvironmentRead` has a known name.
   */
  string getEnvironmentVariable() {
    // All of the modelled functions take the variable name as argument 0.
    result = this.(Call).getArgument(0).(TextLiteral).getValue()
  }

  /**
   * Gets a very short description of the source, suitable for use in an
   * error message. This is the name of the function that was called.
   */
  string getSourceDescription() { readsEnvironment(this, result) }
}
/**
 * Holds if `read` is a call to a function that reads an environment
 * variable, and `sourceDescription` is the name of that function.
 *
 * `hasGlobalOrStdName` matches both the unqualified and the `std::`
 * spelling (e.g. `std::getenv`); `_wgetenv` is the wide-character variant.
 * NOTE(review): other readers such as `getenv_s` and `_dupenv_s` are not
 * modelled here, so reads through them are not reported as sources.
 */
private predicate readsEnvironment(Expr read, string sourceDescription) {
  sourceDescription = ["getenv", "secure_getenv", "_wgetenv"] and
  read.(FunctionCall).getTarget().hasGlobalOrStdName(sourceDescription)
}