C++: Don't track indirection expressions in 'cpp/cleartext-transmission'. Instead, just track the direct expression.

MathiasVP · MathiasVP · commit 4ace1714476c · 2022-12-16T13:26:53.000Z
diff --git a/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql b/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql
@@ -224,7 +224,7 @@ predicate isSinkEncrypt(DataFlow::Node sink, Encrypted enc) {
  */
 predicate isSourceImpl(DataFlow::Node source) {
   exists(Expr e |
-    e = source.asIndirectConvertedExpr() and
+    e = source.asConvertedExpr() and
     e.getUnconverted().(VariableAccess).getTarget() instanceof SourceVariable and
     not e.hasConversion()
   )

Original file line number	Diff line number	Diff line change
`@@ -224,7 +224,7 @@ predicate isSinkEncrypt(DataFlow::Node sink, Encrypted enc) {`
`224`	`224`	`*/`
`225`	`225`	`predicate isSourceImpl(DataFlow::Node source) {`
`226`	`226`	`exists(Expr e \|`
`227`		`- e = source.asIndirectConvertedExpr() and`
	`227`	`+ e = source.asConvertedExpr() and`
`228`	`228`	`e.getUnconverted().(VariableAccess).getTarget() instanceof SourceVariable and`
`229`	`229`	`not e.hasConversion()`
`230`	`230`	`)`