Address review comments

jketema · jketema · commit bd859d99bfb4 · 2022-02-02T10:09:47.000+01:00
diff --git a/cpp/ql/src/Security/CWE/CWE-732/FilePermissions.qll b/cpp/ql/src/Security/CWE/CWE-732/FilePermissions.qll
@@ -98,7 +98,7 @@ class OpenCreationExpr extends FileCreationWithOptionalModeExpr {
   override predicate hasModeArgument() { exists(this.getArgument(2)) }
 
   override int getMode() {
-    if hasModeArgument()
+    if this.hasModeArgument()
     then result = this.getArgument(2).getValue().toInt()
     else
       // assume anything is permitted
@@ -125,7 +125,7 @@ class OpenatCreationExpr extends FileCreationWithOptionalModeExpr {
   override predicate hasModeArgument() { exists(this.getArgument(3)) }
 
   override int getMode() {
-    if hasModeArgument()
+    if this.hasModeArgument()
     then result = this.getArgument(3).getValue().toInt()
     else
       // assume anything is permitted
diff --git a/cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.ql b/cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.ql
@@ -2,7 +2,7 @@
  * @name File opened with O_CREAT flag but without mode argument
  * @description Opening a file with the O_CREAT flag but without mode argument reads arbitrary bytes from the stack.
  * @kind problem
- * @problem.severity warning
+ * @problem.severity error
  * @security-severity 7.8
  * @precision medium
  * @id cpp/open-call-with-mode-argument
@@ -16,4 +16,4 @@ import FilePermissions
 from FileCreationWithOptionalModeExpr fc
 where not fc.hasModeArgument()
 select fc,
-  "A file is created here without providing a mode argument, which may leak bits from the stack"
+  "A file is created here without providing a mode argument, which may leak bits from the stack."
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-732/OpenCallMissingModeArgument.c b/cpp/ql/test/query-tests/Security/CWE/CWE-732/OpenCallMissingModeArgument.c
@@ -1,6 +1,7 @@
 typedef unsigned int mode_t;
 
-#define O_CREAT 0100
+#define O_APPEND 0010
+#define O_CREAT  0100
 
 int open(const char *pathname, int flags, ...);
 
@@ -9,8 +10,10 @@ int openat(int dirfd, const char *pathname, int flags, ...);
 const char *a_file = "/a_file";
 
 void test_open() {
-  open(a_file, O_CREAT);
-  open(a_file, O_CREAT, 0);
-  openat(0, a_file, O_CREAT);
-  openat(0, a_file, O_CREAT, 0);
+  open(a_file, O_APPEND); // GOOD
+  open(a_file, O_CREAT); // BAD
+  open(a_file, O_CREAT, 0); // GOOD
+  openat(0, a_file, O_APPEND); // GOOD
+  openat(0, a_file, O_CREAT); // BAD
+  openat(0, a_file, O_CREAT, 0); // GOOD
 }
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-732/OpenCallMissingModeArgument.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-732/OpenCallMissingModeArgument.expected
@@ -1,2 +1,2 @@
-| OpenCallMissingModeArgument.c:12:3:12:6 | call to open | A file is created here without providing a mode argument, which may leak bits from the stack |
-| OpenCallMissingModeArgument.c:14:3:14:8 | call to openat | A file is created here without providing a mode argument, which may leak bits from the stack |
+| OpenCallMissingModeArgument.c:14:3:14:6 | call to open | A file is created here without providing a mode argument, which may leak bits from the stack. |
+| OpenCallMissingModeArgument.c:17:3:17:8 | call to openat | A file is created here without providing a mode argument, which may leak bits from the stack. |
