Add files via upload

Author: ihsinme

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/IncorrectPrivilegeAssignment.expected

@@ -0,0 +1,2 @@
+| test.cpp:9:3:9:7 | call to umask | not use equal argument in umask and chmod functions |
+| test.cpp:30:3:30:7 | call to chmod | Using arithmetic to compute the mask may not be safe. |

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/IncorrectPrivilegeAssignment.qlref

@@ -0,0 +1 @@
+experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql

cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/test.cpp

@@ -0,0 +1,49 @@
+typedef int FILE;
+FILE *fopen(const char *filename, const char *mode);
+int umask(int pmode);
+int chmod(char * filename,int pmode);
+int fclose(FILE *stream);
+
+void funcTest1()
+{
+  umask(0666); // BAD
+  FILE *fe;
+  fe = fopen("myFile.txt", "wt");
+  fclose(fe);
+  chmod("myFile.txt",0666);
+}
+void funcTest1g()
+{
+  umask(0022);
+  FILE *fe;
+  fe = fopen("myFile.txt", "wt");
+  fclose(fe);
+  chmod("myFile.txt",0666); // GOOD
+}
+
+void funcTest2(int mode)
+{
+  umask(mode);
+  FILE *fe;
+  fe = fopen("myFile.txt", "wt");
+  fclose(fe);
+  chmod("myFile.txt",0555-mode); // BAD
+}
+
+void funcTest2g(int mode)
+{
+  umask(mode);
+  FILE *fe;
+  fe = fopen("myFile.txt", "wt");
+  fclose(fe);
+  chmod("myFile.txt",0555&~mode); // GOOD
+}
+
+int main(int argc, char *argv[])
+{
+  funcTest1();
+  funcTest2(27);
+  funcTest1g();
+  funcTest2g(27);
+  return 0;
+}