Skip to content

Commit a4ec01e

Browse files
d10cd10c
committed
C++: UnsafeCreateProcessCall
1 parent c94973a commit a4ec01e

1 file changed

Lines changed: 10 additions & 14 deletions

File tree

cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql

Lines changed: 10 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -63,16 +63,14 @@ module NullAppNameCreateProcessFunctionConfig implements DataFlow::ConfigSig {
6363
)
6464
}
6565

66-
predicate observeDiffInformedIncrementalMode() {
67-
any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 101 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql@111:8:111:11)
68-
}
66+
predicate observeDiffInformedIncrementalMode() { any() }
6967

70-
Location getASelectedSourceLocation(DataFlow::Node source) {
71-
none() // TODO: Make sure that this source location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 101 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql@111:8:111:11)
72-
}
68+
Location getASelectedSourceLocation(DataFlow::Node source) { none() }
7369

7470
Location getASelectedSinkLocation(DataFlow::Node sink) {
75-
none() // TODO: Make sure that this sink location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 101 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql@111:8:111:11)
71+
exists(CreateProcessFunctionCall call | result = call.getLocation() |
72+
sink.asExpr() = call.getArgument(call.getApplicationNameArgumentId())
73+
)
7674
}
7775
}
7876

@@ -95,16 +93,14 @@ module QuotedCommandInCreateProcessFunctionConfig implements DataFlow::ConfigSig
9593
)
9694
}
9795

98-
predicate observeDiffInformedIncrementalMode() {
99-
any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 106 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql@111:8:111:11)
100-
}
96+
predicate observeDiffInformedIncrementalMode() { any() }
10197

102-
Location getASelectedSourceLocation(DataFlow::Node source) {
103-
none() // TODO: Make sure that this source location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 106 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql@111:8:111:11)
104-
}
98+
Location getASelectedSourceLocation(DataFlow::Node source) { none() }
10599

106100
Location getASelectedSinkLocation(DataFlow::Node sink) {
107-
none() // TODO: Make sure that this sink location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 106 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql@111:8:111:11)
101+
exists(CreateProcessFunctionCall call | result = call.getLocation() |
102+
sink.asExpr() = call.getArgument(call.getCommandLineArgumentId())
103+
)
108104
}
109105
}
110106

0 commit comments

Comments
 (0)