Commit a6b486a

authored
Update InsufficientControlFlowManagementWhenUsingBitOperations.ql
1 parent ed34c96 commit a6b486a

1 file changed

+8
-8
lines changed

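--- a/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql
@@ -19,7 +19,7 @@ import semmle.code.cpp.valuenumbering.GlobalValueNumbering
 * For example: `if(intA>0 & intA<10 & charBuf&myFunc(charBuf[intA]))`.
 * In this case, the function will be called in any case, and even the sequence of the call is not guaranteed.
 */
-class DangerousBitOperations extends Expr {
+class DangerousBitOperations extends BinaryBitwiseOperation {
 FunctionCall bfc;
 
 /**
@@ -28,16 +28,16 @@ class DangerousBitOperations extends Expr {
 * The use of shifts and bitwise operations on any element of an expression indicates a conscious use of the bitwise operator.
 */
 DangerousBitOperations() {
-bfc = this.(BinaryBitwiseOperation).getRightOperand() and
+bfc = this.getRightOperand() and
 not this.getParent*() instanceof Assignment and
 not this.getParent*() instanceof Initializer and
 not this.getParent*() instanceof ReturnStmt and
 not this.getParent*() instanceof EqualityOperation and
 not this.getParent*() instanceof UnaryLogicalOperation and
 not this.getParent*() instanceof BinaryLogicalOperation and
-not this.(BinaryBitwiseOperation).getAChild*() instanceof BitwiseXorExpr and
-not this.(BinaryBitwiseOperation).getAChild*() instanceof LShiftExpr and
-not this.(BinaryBitwiseOperation).getAChild*() instanceof RShiftExpr
+not this.getAChild*() instanceof BitwiseXorExpr and
+not this.getAChild*() instanceof LShiftExpr and
+not this.getAChild*() instanceof RShiftExpr
 }
 
 /** Holds when part of a bit expression is used in a logical operation. */
@@ -60,14 +60,14 @@ class DangerousBitOperations extends Expr {
 
 /** Holds when the bit expression contains both arguments and a function call. */
 predicate dangerousArgumentChecking() {
-not this.(BinaryBitwiseOperation).getLeftOperand() instanceof Call and
-globalValueNumber(this.(BinaryBitwiseOperation).getLeftOperand().getAChild*()) =
+not this.getLeftOperand() instanceof Call and
+globalValueNumber(this.getLeftOperand().getAChild*()) =
 globalValueNumber(bfc.getAnArgument())
 }
 
 /** Holds when function calls are present in the bit expression. */
 predicate functionCallsInBitsExpression() {
-this.(BinaryBitwiseOperation).getLeftOperand().getAChild*() instanceof FunctionCall
+this.getLeftOperand().getAChild*() instanceof FunctionCall
 }
 }
 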
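Review bot: The right-operand binding on new line 31 (`bfc = this.getRightOperand()`) still holds only when that operand is a `FunctionCall`, because of the field type on line 23, whereas `dangerousArgumentChecking` on new line 63 rules out the broader `Call` on the left operand; a call made through a function pointer on the right-hand side therefore looks like it is never reported. If that is deliberate, say so in a QLDoc on the field, e.g. `/** The function call that forms the right operand of the bitwise operation; calls through function pointers are not covered. */`; if not, consider declaring the field as `Call bfc;`, after checking the predicates on lines 44–59, which are outside the visible hunks. Narrowing the supertype itself should not change results as far as these lines show, since the removed cast in the characteristic predicate already restricted `this` to `BinaryBitwiseOperation`.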
