Address review comments

jketema · jketema · commit 0b9b6d7b98de · 2022-02-03T12:09:18.000+01:00
diff --git a/cpp/ql/lib/change-notes/2022-02-02-detect-creat-in-openat.md b/cpp/ql/lib/change-notes/2022-02-02-detect-creat-in-openat.md
@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* he `cpp/world-writable-file-creation` query now only detects `open` and `openat` calls with the `O_CREAT` or `O_TMPFILE` flag.
+* The `cpp/world-writable-file-creation` query now only detects `open` and `openat` calls with the `O_CREAT` or `O_TMPFILE` flag.
diff --git a/cpp/ql/lib/semmle/code/cpp/commons/unix/Constants.qll b/cpp/ql/lib/semmle/code/cpp/commons/unix/Constants.qll
@@ -13,7 +13,7 @@ bindingset[input]
 int parseOctal(string input) {
   input.regexpMatch("0[0-7]+") and
   result =
-    sum(int ix |
+    strictsum(int ix |
       ix in [1 .. input.length()]
     |
       8.pow(input.length() - (ix + 1)) * input.charAt(ix).toInt()
diff --git a/cpp/ql/src/Security/CWE/CWE-732/FilePermissions.qll b/cpp/ql/src/Security/CWE/CWE-732/FilePermissions.qll
@@ -6,14 +6,18 @@ int parseHex(string input) {
   exists(string lowerCaseInput | lowerCaseInput = input.toLowerCase() |
     lowerCaseInput.regexpMatch("0x[0-9a-f]+") and
     result =
-      sum(int ix |
+      strictsum(int ix |
         ix in [2 .. input.length()]
       |
         16.pow(input.length() - (ix + 1)) * "0123456789abcdef".indexOf(lowerCaseInput.charAt(ix))
       )
   )
 }
 
+/**
+ * Gets the value defined by the `O_CREAT` macro if the macro
+ * exists and if every definition defines the same value.
+ */
 int o_creat() {
   result =
     unique(int v |
@@ -23,6 +27,10 @@ int o_creat() {
     )
 }
 
+/**
+ * Gets the value defined by the `O_TMPFILE` macro if the macro
+ * exists and if every definition defines the same value.
+ */
 int o_tmpfile() {
   result =
     unique(int v |

Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@ bindingset[input]`
`13`	`13`	`int parseOctal(string input) {`
`14`	`14`	`input.regexpMatch("0[0-7]+") and`
`15`	`15`	`result =`
`16`		`- sum(int ix \|`
	`16`	`+ strictsum(int ix \|`
`17`	`17`	`ix in [1 .. input.length()]`
`18`	`18`	`\|`
`19`	`19`	`8.pow(input.length() - (ix + 1)) * input.charAt(ix).toInt()`
Original file line number	Diff line number	Diff line change
`@@ -6,14 +6,18 @@ int parseHex(string input) {`
`6`	`6`	`exists(string lowerCaseInput \| lowerCaseInput = input.toLowerCase() \|`
`7`	`7`	`lowerCaseInput.regexpMatch("0x[0-9a-f]+") and`
`8`	`8`	`result =`
`9`		`- sum(int ix \|`
	`9`	`+ strictsum(int ix \|`
`10`	`10`	`ix in [2 .. input.length()]`
`11`	`11`	`\|`
`12`	`12`	`16.pow(input.length() - (ix + 1)) * "0123456789abcdef".indexOf(lowerCaseInput.charAt(ix))`
`13`	`13`	`)`
`14`	`14`	`)`
`15`	`15`	`}`
`16`	`16`
	`17`	`+/**`
	`18`	+ * Gets the value defined by the `O_CREAT` macro if the macro
	`19`	`+ * exists and if every definition defines the same value.`
	`20`	`+ */`
`17`	`21`	`int o_creat() {`
`18`	`22`	`result =`
`19`	`23`	`unique(int v \|`
`@@ -23,6 +27,10 @@ int o_creat() {`
`23`	`27`	`)`
`24`	`28`	`}`
`25`	`29`
	`30`	`+/**`
	`31`	+ * Gets the value defined by the `O_TMPFILE` macro if the macro
	`32`	`+ * exists and if every definition defines the same value.`
	`33`	`+ */`
`26`	`34`	`int o_tmpfile() {`
`27`	`35`	`result =`
`28`	`36`	`unique(int v \|`