Merge pull request #7149 from geoffw0/non-https-url2

geoffw0 · web-flow · commit d2322836476b · 2021-11-17T10:05:30.000Z
C++: Minor improvements to 'Failure to use HTTPS URLs' query
diff --git a/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql b/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql
@@ -7,6 +7,7 @@
  * @id cpp/non-https-url
  * @tags security
  *       external/cwe/cwe-319
+ *       external/cwe/cwe-345
  */
 
 import cpp
@@ -61,7 +62,11 @@ class HttpStringToUrlOpenConfig extends TaintTracking::Configuration {
     // accessed as a URL, for example using it in a network access. Some
     // URLs are only ever displayed or used for data processing.
     exists(FunctionCall fc |
-      fc.getTarget().hasGlobalOrStdName(["system", "gethostbyname", "getaddrinfo"]) and
+      fc.getTarget()
+          .hasGlobalOrStdName([
+              "system", "gethostbyname", "gethostbyname2", "gethostbyname_r", "getaddrinfo",
+              "X509_load_http", "X509_CRL_load_http"
+            ]) and
       sink.asExpr() = fc.getArgument(0)
       or
       fc.getTarget().hasGlobalOrStdName(["send", "URLDownloadToFile", "URLDownloadToCacheFile"]) and
