Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 19d1578

Browse files
geoffw0geoffw0
committed
C++: Clean up.
1 parent b332659 commit 19d1578

1 file changed

Lines changed: 23 additions & 18 deletions

File tree

cpp/ql/src/Security/CWE/CWE-611/Xerces.qll

Lines changed: 23 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -99,19 +99,6 @@ class CreateXmlReader extends Function {
9999
}
100100
}
101101

102-
/**
103-
* The `AbstractDOMParser.parse`, `DOMLSParserClass.parse`, `SAXParser.parse`
104-
* or `SAX2XMLReader.parse` method.
105-
*/
106-
class ParseFunction extends Function {
107-
ParseFunction() {
108-
this.getClassAndName("parse") instanceof AbstractDOMParserClass or
109-
this.getClassAndName("parse") instanceof DomLSParserClass or
110-
this.getClassAndName("parse") instanceof SaxParserClass or
111-
this.getClassAndName("parse") instanceof Sax2XmlReader
112-
}
113-
}
114-
115102
/**
116103
* The `XercesDOMParser` interface for the Xerces XML library.
117104
*/
@@ -130,9 +117,9 @@ class XercesDomParserLibrary extends XmlLibrary {
130117
}
131118

132119
override predicate configurationSink(DataFlow::Node node, string flowstate) {
133-
// sink is the read of the qualifier of a call to `parse`.
120+
// sink is the read of the qualifier of a call to `AbstractDOMParser.parse`.
134121
exists(Call call |
135-
call.getTarget() instanceof ParseFunction and
122+
call.getTarget().getClassAndName("parse") instanceof AbstractDOMParserClass and
136123
call.getQualifier() = node.asConvertedExpr()
137124
) and
138125
flowstate instanceof XercesFlowState and
@@ -156,7 +143,13 @@ class CreateLSParserLibrary extends XmlLibrary {
156143
}
157144

158145
override predicate configurationSink(DataFlow::Node node, string flowstate) {
159-
none() // uses the existing sinks from `XercesDomParserLibrary`
146+
// sink is the read of the qualifier of a call to `DOMLSParserClass.parse`.
147+
exists(Call call |
148+
call.getTarget().getClassAndName("parse") instanceof DomLSParserClass and
149+
call.getQualifier() = node.asConvertedExpr()
150+
) and
151+
flowstate instanceof XercesFlowState and
152+
not encodeXercesFlowState(flowstate, 1, 1) // safe configuration
160153
}
161154
}
162155

@@ -178,7 +171,13 @@ class SaxParserLibrary extends XmlLibrary {
178171
}
179172

180173
override predicate configurationSink(DataFlow::Node node, string flowstate) {
181-
none() // uses the existing sinks from `XercesDomParserLibrary`
174+
// sink is the read of the qualifier of a call to `SAXParser.parse`.
175+
exists(Call call |
176+
call.getTarget().getClassAndName("parse") instanceof SaxParserClass and
177+
call.getQualifier() = node.asConvertedExpr()
178+
) and
179+
flowstate instanceof XercesFlowState and
180+
not encodeXercesFlowState(flowstate, 1, 1) // safe configuration
182181
}
183182
}
184183

@@ -198,7 +197,13 @@ class Sax2XmlReaderLibrary extends XmlLibrary {
198197
}
199198

200199
override predicate configurationSink(DataFlow::Node node, string flowstate) {
201-
none() // uses the existing sinks from `XercesDomParserLibrary`
200+
// sink is the read of the qualifier of a call to `SAX2XMLReader.parse`.
201+
exists(Call call |
202+
call.getTarget().getClassAndName("parse") instanceof Sax2XmlReader and
203+
call.getQualifier() = node.asConvertedExpr()
204+
) and
205+
flowstate instanceof XercesFlowState and
206+
not encodeXercesFlowState(flowstate, 1, 1) // safe configuration
202207
}
203208
}
204209

0 commit comments

Comments
 (0)