Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql

JarLob · web-flow · commit a1b0315d90b5 · 2022-01-19T00:52:10.000+01:00
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
@@ -59,7 +59,8 @@ where
       // unfortunately cannot use numeric value here because // O_CREAT is defined differently on different OSes:
       // https://github.com/red/red/blob/92feb0c0d5f91e087ab35fface6906afbf99b603/runtime/definitions.reds#L477-L491
       // this may introduce false negatives
-      fctmp.getArgument(1).(BitwiseOrExpr).getAChild*().getValueText().matches("O_CREAT")
+      fctmp.getArgument(1).(BitwiseOrExpr).getAChild*().getValueText().matches("O_CREAT") or
+      fctmp.getArgument(1).getValueText().matches("%O_CREAT%")
     ) and
     fctmp.getNumberOfArguments() = 2 and
     not fctmp.getArgument(0).getValue() = "/dev/null" and
