Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 7869733

Browse files
geoffw0geoffw0
committed
C++: Autoformat result conflation query.
1 parent 88b6bd9 commit 7869733

1 file changed

Lines changed: 11 additions & 17 deletions

File tree

cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql

Lines changed: 11 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -10,15 +10,12 @@
1010
* external/cwe/cwe-295
1111
*/
1212

13-
1413
import cpp
1514
import semmle.code.cpp.controlflow.Guards
1615
import semmle.code.cpp.dataflow.DataFlow
1716

1817
class SSLGetVerifyResultCall extends FunctionCall {
19-
SSLGetVerifyResultCall() {
20-
getTarget().getName() = "SSL_get_verify_result"
21-
}
18+
SSLGetVerifyResultCall() { getTarget().getName() = "SSL_get_verify_result" }
2219
}
2320

2421
class VerifyResultConfig extends DataFlow::Configuration {
@@ -29,21 +26,18 @@ class VerifyResultConfig extends DataFlow::Configuration {
2926
}
3027

3128
override predicate isSink(DataFlow::Node sink) {
32-
exists(GuardCondition guard |
33-
guard.getAChild*() = sink.asExpr()
34-
)
29+
exists(GuardCondition guard | guard.getAChild*() = sink.asExpr())
3530
}
3631
}
3732

3833
from
39-
VerifyResultConfig config, DataFlow::Node source, DataFlow::Node sink1, DataFlow::Node sink2,
40-
GuardCondition guard, Expr c1, Expr c2, boolean testIsTrue
34+
VerifyResultConfig config, DataFlow::Node source, DataFlow::Node sink1, DataFlow::Node sink2,
35+
GuardCondition guard, Expr c1, Expr c2, boolean testIsTrue
4136
where
42-
config.hasFlow(source, sink1) and
43-
config.hasFlow(source, sink2) and
44-
guard.comparesEq(sink1.asExpr(), c1, 0, false, testIsTrue) and // (value != c1) => testIsTrue
45-
guard.comparesEq(sink2.asExpr(), c2, 0, false, testIsTrue) and // (value != c2) => testIsTrue
46-
c1.getValue().toInt() = 0 and
47-
c2.getValue().toInt() != 0
48-
select
49-
guard, "This expression conflates OK and non-OK results from $@.", source, source.toString()
37+
config.hasFlow(source, sink1) and
38+
config.hasFlow(source, sink2) and
39+
guard.comparesEq(sink1.asExpr(), c1, 0, false, testIsTrue) and // (value != c1) => testIsTrue
40+
guard.comparesEq(sink2.asExpr(), c2, 0, false, testIsTrue) and // (value != c2) => testIsTrue
41+
c1.getValue().toInt() = 0 and
42+
c2.getValue().toInt() != 0
43+
select guard, "This expression conflates OK and non-OK results from $@.", source, source.toString()

0 commit comments

Comments
 (0)