1 parent b3f4357 commit b73dc98
1 file changed
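--- a/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql
+++ b/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql
@@ -65,6 +65,7 @@ where
 midNode.getNode().asExpr() = mid and
 mid = w.getASource() and
 dest = w.getDest() and
+not dest.(VariableAccess).getTarget().getName() = ["stdin", "stdout", "stderr"] and // exclude calls with standard streams
 not isFileName(globalValueNumber(source)) and // file names are not passwords
 not exists(string convChar | convChar = w.getSourceConvChar(mid) | not convChar = ["s", "S"]) // ignore things written with other conversion characters
 select w, sourceNode, midNode,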
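Review bot: The exclusion added at new line 68 matches on the target variable's name alone, so a local, parameter or field that happens to be called `stdout` or `stderr` but holds a real file handle is dropped as well, and a cleartext write to disk through it would go unreported. Restricting the target to a global keeps the intent, e.g. `not dest.(VariableAccess).getTarget().(GlobalOrNamespaceVariable).getName() = ["stdin", "stdout", "stderr"] and`. Separately, where the C library defines the standard streams as macros that expand to something other than a variable of the same name, this test presumably never matches and the false positives remain; a test case or a short comment stating that limitation would help. The `where` clause starts before the hunk and the `select` continues after it, so this is judged on the visible conjuncts only.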