remove old comments

am0o0 · am0o0 · commit 273848c8796f · 2024-06-07T05:40:17.000+02:00
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-409-DecompressionBomb/DecompressionBombs.ql b/cpp/ql/src/experimental/Security/CWE/CWE-409-DecompressionBomb/DecompressionBombs.ql
@@ -115,12 +115,10 @@ module DecompressionTaintConfig implements DataFlow::StateConfigSig {
     (
       exists(FunctionCall fc | fc.getTarget() instanceof GzopenFunction |
         fc.getArgument(0) = source.asExpr() and
-        // arg 0 can be a path string whichwe must do following check
+        // arg 0 can be a path string which we must do following check
         not fc.getArgument(0).isConstant()
       )
       or
-      // IDK whether it is good to use all file decriptors function returns as source or not
-      // because we can do more sanitization from fd function sources
       exists(FunctionCall fc | fc.getTarget() instanceof GzdopenFunction |
         fc.getArgument(0) = source.asExpr()
       )

Original file line number	Diff line number	Diff line change
`@@ -115,12 +115,10 @@ module DecompressionTaintConfig implements DataFlow::StateConfigSig {`
`115`	`115`	`(`
`116`	`116`	`exists(FunctionCall fc \| fc.getTarget() instanceof GzopenFunction \|`
`117`	`117`	`fc.getArgument(0) = source.asExpr() and`
`118`		`- // arg 0 can be a path string whichwe must do following check`
	`118`	`+ // arg 0 can be a path string which we must do following check`
`119`	`119`	`not fc.getArgument(0).isConstant()`
`120`	`120`	`)`
`121`	`121`	`or`
`122`		`- // IDK whether it is good to use all file decriptors function returns as source or not`
`123`		`- // because we can do more sanitization from fd function sources`
`124`	`122`	`exists(FunctionCall fc \| fc.getTarget() instanceof GzdopenFunction \|`
`125`	`123`	`fc.getArgument(0) = source.asExpr()`
`126`	`124`	`)`