Merge pull request github#6926 from geoffw0/setliterals2

C++: Use set literals (more).

Author: MathiasVP

cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.qll

@@ -126,13 +126,7 @@ class MallocSizeExpr extends BufferAccess, FunctionCall {
 }
 
 class NetworkFunctionCall extends FunctionCall {
-  NetworkFunctionCall() {
-    getTarget().hasName("ntohd") or
-    getTarget().hasName("ntohf") or
-    getTarget().hasName("ntohl") or
-    getTarget().hasName("ntohll") or
-    getTarget().hasName("ntohs")
-  }
+  NetworkFunctionCall() { getTarget().hasName(["ntohd", "ntohf", "ntohl", "ntohll", "ntohs"]) }
 }
 
 class NetworkToBufferSizeConfiguration extends DataFlow::Configuration {

cpp/ql/src/Security/CWE/CWE-497/ExposedSystemData.ql

@@ -103,12 +103,7 @@ private predicate posixSystemInfo(FunctionCall source, Element use) {
   //  - various filesystem parameters
   // int uname(struct utsname *buf)
   //  - OS name and version
-  (
-    source.getTarget().hasName("confstr") or
-    source.getTarget().hasName("statvfs") or
-    source.getTarget().hasName("fstatvfs") or
-    source.getTarget().hasName("uname")
-  ) and
+  source.getTarget().hasName(["confstr", "statvfs", "fstatvfs", "uname"]) and
   use = source.getArgument(1)
 }
 
@@ -128,14 +123,9 @@ private predicate posixPWInfo(FunctionCall source, Element use) {
   // struct group  *getgrnam(const char *name);
   // struct group  *getgrgid(gid_t);
   // struct group  *getgrent(void);
-  (
-    source.getTarget().hasName("getpwnam") or
-    source.getTarget().hasName("getpwuid") or
-    source.getTarget().hasName("getpwent") or
-    source.getTarget().hasName("getgrnam") or
-    source.getTarget().hasName("getgrgid") or
-    source.getTarget().hasName("getgrent")
-  ) and
+  source
+      .getTarget()
+      .hasName(["getpwnam", "getpwuid", "getpwent", "getgrnam", "getgrgid", "getgrent"]) and
   use = source
   or
   // int getpwnam_r(const char *name, struct passwd *pwd,
@@ -146,31 +136,15 @@ private predicate posixPWInfo(FunctionCall source, Element use) {
   //                char *buf, size_t buflen, struct group **result);
   // int getgrnam_r(const char *name, struct group *grp,
   //                char *buf, size_t buflen, struct group **result);
-  (
-    source.getTarget().hasName("getpwnam_r") or
-    source.getTarget().hasName("getpwuid_r") or
-    source.getTarget().hasName("getgrgid_r") or
-    source.getTarget().hasName("getgrnam_r")
-  ) and
-  (
-    use = source.getArgument(1) or
-    use = source.getArgument(2) or
-    use = source.getArgument(4)
-  )
+  source.getTarget().hasName(["getpwnam_r", "getpwuid_r", "getgrgid_r", "getgrnam_r"]) and
+  use = source.getArgument([1, 2, 4])
   or
   // int getpwent_r(struct passwd *pwd, char *buffer, size_t bufsize,
   //                struct passwd **result);
   // int getgrent_r(struct group *gbuf, char *buf,
   //                size_t buflen, struct group **gbufp);
-  (
-    source.getTarget().hasName("getpwent_r") or
-    source.getTarget().hasName("getgrent_r")
-  ) and
-  (
-    use = source.getArgument(0) or
-    use = source.getArgument(1) or
-    use = source.getArgument(3)
-  )
+  source.getTarget().hasName(["getpwent_r", "getgrent_r"]) and
+  use = source.getArgument([0, 1, 3])
 }
 
 /**
@@ -190,13 +164,11 @@ private predicate windowsSystemInfo(FunctionCall source, Element use) {
   // BOOL WINAPI GetVersionEx(_Inout_ LPOSVERSIONINFO lpVersionInfo);
   // void WINAPI GetSystemInfo(_Out_ LPSYSTEM_INFO lpSystemInfo);
   // void WINAPI GetNativeSystemInfo(_Out_ LPSYSTEM_INFO lpSystemInfo);
-  (
-    source.getTarget().hasGlobalName("GetVersionEx") or
-    source.getTarget().hasGlobalName("GetVersionExA") or
-    source.getTarget().hasGlobalName("GetVersionExW") or
-    source.getTarget().hasGlobalName("GetSystemInfo") or
-    source.getTarget().hasGlobalName("GetNativeSystemInfo")
-  ) and
+  source
+      .getTarget()
+      .hasGlobalName([
+          "GetVersionEx", "GetVersionExA", "GetVersionExW", "GetSystemInfo", "GetNativeSystemInfo"
+        ]) and
   use = source.getArgument(0)
 }
 
@@ -216,11 +188,11 @@ private predicate windowsFolderPath(FunctionCall source, Element use) {
   //   _In_  int    csidl,
   //   _In_  BOOL   fCreate
   // );
-  (
-    source.getTarget().hasGlobalName("SHGetSpecialFolderPath") or
-    source.getTarget().hasGlobalName("SHGetSpecialFolderPathA") or
-    source.getTarget().hasGlobalName("SHGetSpecialFolderPathW")
-  ) and
+  source
+      .getTarget()
+      .hasGlobalName([
+          "SHGetSpecialFolderPath", "SHGetSpecialFolderPathA", "SHGetSpecialFolderPathW"
+        ]) and
   use = source.getArgument(1)
   or
   // HRESULT SHGetKnownFolderPath(
@@ -239,11 +211,7 @@ private predicate windowsFolderPath(FunctionCall source, Element use) {
   //   _In_  DWORD  dwFlags,
   //   _Out_ LPTSTR pszPath
   // );
-  (
-    source.getTarget().hasGlobalName("SHGetFolderPath") or
-    source.getTarget().hasGlobalName("SHGetFolderPathA") or
-    source.getTarget().hasGlobalName("SHGetFolderPathW")
-  ) and
+  source.getTarget().hasGlobalName(["SHGetFolderPath", "SHGetFolderPathA", "SHGetFolderPathW"]) and
   use = source.getArgument(4)
   or
   // HRESULT SHGetFolderPathAndSubDir(
@@ -254,11 +222,11 @@ private predicate windowsFolderPath(FunctionCall source, Element use) {
   //   _In_  LPCTSTR pszSubDir,
   //   _Out_ LPTSTR  pszPath
   // );
-  (
-    source.getTarget().hasGlobalName("SHGetFolderPathAndSubDir") or
-    source.getTarget().hasGlobalName("SHGetFolderPathAndSubDirA") or
-    source.getTarget().hasGlobalName("SHGetFolderPathAndSubDirW")
-  ) and
+  source
+      .getTarget()
+      .hasGlobalName([
+          "SHGetFolderPathAndSubDir", "SHGetFolderPathAndSubDirA", "SHGetFolderPathAndSubDirW"
+        ]) and
   use = source.getArgument(5)
 }
 
@@ -273,11 +241,7 @@ class WindowsFolderPath extends SystemData {
 }
 
 private predicate logonUser(FunctionCall source, VariableAccess use) {
-  (
-    source.getTarget().hasGlobalName("LogonUser") or
-    source.getTarget().hasGlobalName("LogonUserW") or
-    source.getTarget().hasGlobalName("LogonUserA")
-  ) and
+  source.getTarget().hasGlobalName(["LogonUser", "LogonUserW", "LogonUserA"]) and
   use = source.getAnArgument()
 }
 
@@ -297,11 +261,7 @@ private predicate regQuery(FunctionCall source, VariableAccess use) {
   //   _Out_opt_   LPTSTR  lpValue,
   //   _Inout_opt_ PLONG   lpcbValue
   // );
-  (
-    source.getTarget().hasGlobalName("RegQueryValue") or
-    source.getTarget().hasGlobalName("RegQueryValueA") or
-    source.getTarget().hasGlobalName("RegQueryValueW")
-  ) and
+  source.getTarget().hasGlobalName(["RegQueryValue", "RegQueryValueA", "RegQueryValueW"]) and
   use = source.getArgument(2)
   or
   // LONG WINAPI RegQueryMultipleValues(
@@ -311,11 +271,11 @@ private predicate regQuery(FunctionCall source, VariableAccess use) {
   //   _Out_opt_   LPTSTR  lpValueBuf,
   //   _Inout_opt_ LPDWORD ldwTotsize
   // );
-  (
-    source.getTarget().hasGlobalName("RegQueryMultipleValues") or
-    source.getTarget().hasGlobalName("RegQueryMultipleValuesA") or
-    source.getTarget().hasGlobalName("RegQueryMultipleValuesW")
-  ) and
+  source
+      .getTarget()
+      .hasGlobalName([
+          "RegQueryMultipleValues", "RegQueryMultipleValuesA", "RegQueryMultipleValuesW"
+        ]) and
   use = source.getArgument(3)
   or
   // LONG WINAPI RegQueryValueEx(
@@ -326,11 +286,7 @@ private predicate regQuery(FunctionCall source, VariableAccess use) {
   //   _Out_opt_   LPBYTE  lpData,
   //   _Inout_opt_ LPDWORD lpcbData
   // );
-  (
-    source.getTarget().hasGlobalName("RegQueryValueEx") or
-    source.getTarget().hasGlobalName("RegQueryValueExA") or
-    source.getTarget().hasGlobalName("RegQueryValueExW")
-  ) and
+  source.getTarget().hasGlobalName(["RegQueryValueEx", "RegQueryValueExA", "RegQueryValueExW"]) and
   use = source.getArgument(4)
   or
   // LONG WINAPI RegGetValue(
@@ -342,11 +298,7 @@ private predicate regQuery(FunctionCall source, VariableAccess use) {
   //   _Out_opt_   PVOID   pvData,
   //   _Inout_opt_ LPDWORD pcbData
   // );
-  (
-    source.getTarget().hasGlobalName("RegGetValue") or
-    source.getTarget().hasGlobalName("RegGetValueA") or
-    source.getTarget().hasGlobalName("RegGetValueW")
-  ) and
+  source.getTarget().hasGlobalName(["RegGetValue", "RegGetValueA", "RegGetValueW"]) and
   use = source.getArgument(5)
 }
 
@@ -408,12 +360,7 @@ private predicate socketOutput(FunctionCall call, Expr data) {
     //                const struct sockaddr *dest_addr, socklen_t addrlen);
     // ssize_t sendmsg(int sockfd, const struct msghdr *msg, int flags);
     // int write(int handle, void *buffer, int nbyte);
-    (
-      call.getTarget().hasGlobalName("send") or
-      call.getTarget().hasGlobalName("sendto") or
-      call.getTarget().hasGlobalName("sendmsg") or
-      call.getTarget().hasGlobalName("write")
-    ) and
+    call.getTarget().hasGlobalName(["send", "sendto", "sendmsg", "write"]) and
     data = call.getArgument(1) and
     socketFileDescriptor(call.getArgument(0))
   )

cpp/ql/src/experimental/Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql

@@ -44,14 +44,13 @@ class SetuidLikeWrapperCall extends FunctionCall {
 
 class CallBeforeSetuidFunctionCall extends FunctionCall {
   CallBeforeSetuidFunctionCall() {
-    (
-      getTarget().hasGlobalName("setgid") or
-      getTarget().hasGlobalName("setresgid") or
-      // Compatibility may require skipping initgroups and setgroups return checks.
-      // A stricter best practice is to check the result and errnor for EPERM.
-      getTarget().hasGlobalName("initgroups") or
-      getTarget().hasGlobalName("setgroups")
-    ) and
+    getTarget()
+        .hasGlobalName([
+            "setgid", "setresgid",
+            // Compatibility may require skipping initgroups and setgroups return checks.
+            // A stricter best practice is to check the result and errnor for EPERM.
+            "initgroups", "setgroups"
+          ]) and
     // setgid/setresgid/etc with the root group are false positives.
     not argumentMayBeRoot(getArgument(0))
   }

cpp/ql/src/jsf/4.28 Portable Code/AV Rule 209.ql

@@ -15,13 +15,7 @@ import cpp
 
 from Element u, ArithmeticType at
 where
-  (
-    at.hasName("int") or
-    at.hasName("short") or
-    at.hasName("long") or
-    at.hasName("float") or
-    at.hasName("double")
-  ) and
+  at.hasName(["int", "short", "long", "float", "double"]) and
   u = at.getATypeNameUse() and
   not at instanceof WideCharType
 select u, "AV Rule 209: The basic types of int, short, long, float and double shall not be used."