Update IncorrectChangingWorkingDirectory.ql

ihsinme · web-flow · commit 3161d112d1af · 2021-10-30T13:47:22.000+03:00
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql b/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql
@@ -36,6 +36,7 @@ predicate outExistsChdir(FunctionCall fcp) {
         fctmp2.getTarget().hasGlobalOrStdName("chdir") or
         fctmp2.getTarget().hasGlobalOrStdName("fchdir")
       ) and
+      // we are looking for a call containing calls chdir and fchdir
       fctmp2.getEnclosingStmt().getParentStmt*() = fctmp.getTarget().getEntryPoint().getChildStmt*()
     ) and
     (

Original file line number	Diff line number	Diff line change
`@@ -36,6 +36,7 @@ predicate outExistsChdir(FunctionCall fcp) {`
`36`	`36`	`fctmp2.getTarget().hasGlobalOrStdName("chdir") or`
`37`	`37`	`fctmp2.getTarget().hasGlobalOrStdName("fchdir")`
`38`	`38`	`) and`
	`39`	`+ // we are looking for a call containing calls chdir and fchdir`
`39`	`40`	`fctmp2.getEnclosingStmt().getParentStmt() = fctmp.getTarget().getEntryPoint().getChildStmt()`
`40`	`41`	`) and`
`41`	`42`	`(`