Skip to content

Commit ee41e65

Browse files
author
Porcupiney Hairs
committed
Include changes from review
1 parent 57d1035 commit ee41e65

File tree

2 files changed

+10
-10
lines changed

2 files changed

+10
-10
lines changed

cpp/ql/src/experimental/Security/CWE/CWE-295/CurlSSL.qhelp

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,16 @@
11
<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
22
<qhelp>
33
<overview>
4-
Disabling verification of the SSL certificate allows man-in-the-middle attacks.
5-
A SSL connection is vulnerable to man-in-the-middle attacks if the certification is not checked
6-
properly.
7-
If the peer or the host's certificate verification is not verified, the underlying SSL
8-
communication is insecure.
4+
<p>
5+
Disabling verification of the SSL certificate allows man-in-the-middle attacks. A SSL
6+
connection is vulnerable to man-in-the-middle attacks if the certification is not checked
7+
properly. If the peer or the host's certificate verification is not verified, the underlying
8+
SSL communication is insecure.</p>
99
</overview>
1010
<recommendation>
11-
It is recommended that all communications be done post verification of the host as well as the
12-
peer.
11+
<p>It is recommended that all communications be done post verification of the host as well as
12+
the
13+
peer.</p>
1314
</recommendation>
1415
<example>
1516
<p>The following snippet disables certification verification by setting the value of <code>
@@ -27,7 +28,7 @@
2728
<li> Related CVE: <a href="https://github.com/advisories/GHSA-5r3h-c3r7-9w4h"> CVE-2022-33684</a></li>
2829
<li> Related security advisory: <a
2930
href="https://huntr.com/bounties/42325662-6329-4e04-875a-49e2f5d69f78">
30-
<code>openframeworks/openframeworks</code>
31+
openframeworks/openframeworks
3132
</a></li>
3233
</references>
3334
</qhelp>

cpp/ql/src/experimental/Security/CWE/CWE-295/CurlSSL.ql

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,6 @@ private class CurlVerificationConstant extends EnumConstantAccess {
3434

3535
from CurlSetOptCall c
3636
where
37-
c.getArgument(1) = any(CurlVerificationConstant v)
38-
and
37+
c.getArgument(1) = any(CurlVerificationConstant v) and
3938
c.getArgument(2).getValue() = "0"
4039
select c, "This call disables Secure Socket Layer and could potentially lead to MITM attacks"

0 commit comments

Comments
 (0)