Add files via upload

ihsinme · web-flow · commit 8a1d27132849 · 2021-10-25T14:48:19.000+03:00
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/ExposureSensitiveInformationUnauthorizedActor.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/ExposureSensitiveInformationUnauthorizedActor.expected
@@ -0,0 +1 @@
+| test.cpp:12:8:12:12 | call to fopen | You may have forgotten to restrict access rights when working with a file. |
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/ExposureSensitiveInformationUnauthorizedActor.qlref b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/ExposureSensitiveInformationUnauthorizedActor.qlref
@@ -0,0 +1 @@
+experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test.cpp
@@ -0,0 +1,17 @@
+typedef int FILE;
+FILE *fopen(const char *filename, const char *mode);
+int umask(int pmode);
+int chmod(char * filename,int pmode);
+int fprintf(FILE *fp,const char *fmt, ...);
+int fclose(FILE *stream);
+
+int main(int argc, char *argv[])
+{
+  //umask(0022);
+  FILE *fp;
+  fp = fopen("myFile.txt","w"); // BAD
+  //chmod("myFile.txt",0644);
+  fprintf(fp,"%s\n","data to file");
+  fclose(fp);
+  return 0;
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+\| test.cpp:12:8:12:12 \| call to fopen \| You may have forgotten to restrict access rights when working with a file. \|`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql`