Skip to content

Commit 5ef71e6

Browse files
geoffw0geoffw0
committed
C++: Add a few more sinks.
1 parent aafa576 commit 5ef71e6

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,7 @@ class HttpStringToUrlOpenConfig extends TaintTracking::Configuration {
6262
// accessed as a URL, for example using it in a network access. Some
6363
// URLs are only ever displayed or used for data processing.
6464
exists(FunctionCall fc |
65-
fc.getTarget().hasGlobalOrStdName(["system", "gethostbyname", "getaddrinfo"]) and
65+
fc.getTarget().hasGlobalOrStdName(["system", "gethostbyname", "gethostbyname2", "gethostbyname_r", "getaddrinfo", "X509_load_http", "X509_CRL_load_http"]) and
6666
sink.asExpr() = fc.getArgument(0)
6767
or
6868
fc.getTarget().hasGlobalOrStdName(["send", "URLDownloadToFile", "URLDownloadToCacheFile"]) and

0 commit comments

Comments
 (0)