Skip to content

Commit 8a3c2c0

Browse files
d10cd10c
committed
C++: CleartextTransmission
1 parent 1cb5977 commit 8a3c2c0

1 file changed

Lines changed: 8 additions & 12 deletions

File tree

cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql

Lines changed: 8 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -246,8 +246,12 @@ module FromSensitiveConfig implements DataFlow::ConfigSig {
246246
isSource(node)
247247
}
248248

249-
predicate observeDiffInformedIncrementalMode() {
250-
any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 293 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@308:8:308:22), Flow call outside 'select' clause (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@256:47:256:80), Flow call outside 'select' clause (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@279:43:279:73)
249+
predicate observeDiffInformedIncrementalMode() { any() }
250+
251+
Location getASelectedSinkLocation(DataFlow::Node sink) {
252+
exists(NetworkSendRecv networkSendRecv | result = networkSendRecv.getLocation() |
253+
isSinkSendRecv(sink, networkSendRecv)
254+
)
251255
}
252256
}
253257

@@ -272,11 +276,7 @@ module ToEncryptionConfig implements DataFlow::ConfigSig {
272276
}
273277

274278
predicate observeDiffInformedIncrementalMode() {
275-
any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 296 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@308:8:308:22)
276-
}
277-
278-
Location getASelectedSinkLocation(DataFlow::Node sink) {
279-
none() // TODO: Make sure that this sink location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 296 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@308:8:308:22)
279+
none() // only used negatively
280280
}
281281
}
282282

@@ -295,11 +295,7 @@ module FromEncryptionConfig implements DataFlow::ConfigSig {
295295
}
296296

297297
predicate observeDiffInformedIncrementalMode() {
298-
any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 297 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@308:8:308:22), Column 5 does not select a source or sink originating from the flow call on line 297 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@308:44:308:59)
299-
}
300-
301-
Location getASelectedSourceLocation(DataFlow::Node source) {
302-
none() // TODO: Make sure that this source location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 297 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@308:8:308:22), Column 5 does not select a source or sink originating from the flow call on line 297 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql@308:44:308:59)
298+
none() // only used negatively
303299
}
304300
}
305301

0 commit comments

Comments
 (0)