pr fixes

dilanbhalla · dilanbhalla · commit dcfbb866745a · 2020-08-10T15:14:12.000-07:00
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.qhelp b/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.qhelp
@@ -19,7 +19,7 @@ cleartext.</p>
 
 <references>
 
-<li><a href="https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Sensitive_Data_Exposure</a>
+<li><a href="https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Sensitive_Data_Exposure</a></li>
 <li>M. Dowd, J. McDonald and J. Schuhm, <i>The Art of Software Security Assessment</i>, 1st Edition, Chapter 2 - 'Common Vulnerabilities of Encryption', p. 43. Addison Wesley, 2006.</li> 
 <li>M. Howard and D. LeBlanc, <i>Writing Secure Code</i>, 2nd Edition, Chapter 9 - 'Protecting Secret Data', p. 299. Microsoft, 2002.</li>
 
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql b/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql
@@ -12,7 +12,10 @@
 import cpp
 import experimental.semmle.code.cpp.security.PrivateCleartextWrite
 import experimental.semmle.code.cpp.security.PrivateCleartextWrite::PrivateCleartextWrite
+import DataFlow::PathGraph
 
-from WriteConfig b, DataFlow::Node source, DataFlow::Node sink
-where b.hasFlow(source, sink)
-select sink, "This write may contain unencrypted data"
+from WriteConfig b, DataFlow::PathNode source, DataFlow::PathNode sink
+where b.hasFlowPath(source, sink)
+select sink.getNode(),
+  "This write into the external location '" + sink + "' may contain unencrypted data from $@",
+  source, "this source."
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-359/semmle/tests/PrivateCleartextWrite.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-359/semmle/tests/PrivateCleartextWrite.expected
@@ -1,6 +1,21 @@
-| test.cpp:50:9:50:18 | theZipcode | This write may contain unencrypted data |
-| test.cpp:66:24:66:30 | medical | This write may contain unencrypted data |
-| test.cpp:70:24:70:27 | temp | This write may contain unencrypted data |
-| test.cpp:74:24:74:28 | buff5 | This write may contain unencrypted data |
-| test.cpp:87:37:87:46 | theZipcode | This write may contain unencrypted data |
-| test.cpp:90:42:90:51 | theZipcode | This write may contain unencrypted data |
+edges
+| test.cpp:77:16:77:22 | medical | test.cpp:78:24:78:27 | temp |
+| test.cpp:81:17:81:20 | call to func | test.cpp:82:24:82:28 | buff5 |
+| test.cpp:81:22:81:28 | medical | test.cpp:81:17:81:20 | call to func |
+nodes
+| test.cpp:57:9:57:18 | theZipcode | semmle.label | theZipcode |
+| test.cpp:74:24:74:30 | medical | semmle.label | medical |
+| test.cpp:77:16:77:22 | medical | semmle.label | medical |
+| test.cpp:78:24:78:27 | temp | semmle.label | temp |
+| test.cpp:81:17:81:20 | call to func | semmle.label | call to func |
+| test.cpp:81:22:81:28 | medical | semmle.label | medical |
+| test.cpp:82:24:82:28 | buff5 | semmle.label | buff5 |
+| test.cpp:96:37:96:46 | theZipcode | semmle.label | theZipcode |
+| test.cpp:99:42:99:51 | theZipcode | semmle.label | theZipcode |
+#select
+| test.cpp:57:9:57:18 | theZipcode | This write into the external location 'theZipcode' may contain unencrypted data from $@ | test.cpp:57:9:57:18 | theZipcode | this source. |
+| test.cpp:74:24:74:30 | medical | This write into the external location 'medical' may contain unencrypted data from $@ | test.cpp:74:24:74:30 | medical | this source. |
+| test.cpp:78:24:78:27 | temp | This write into the external location 'temp' may contain unencrypted data from $@ | test.cpp:77:16:77:22 | medical | this source. |
+| test.cpp:82:24:82:28 | buff5 | This write into the external location 'buff5' may contain unencrypted data from $@ | test.cpp:81:22:81:28 | medical | this source. |
+| test.cpp:96:37:96:46 | theZipcode | This write into the external location 'theZipcode' may contain unencrypted data from $@ | test.cpp:96:37:96:46 | theZipcode | this source. |
+| test.cpp:99:42:99:51 | theZipcode | This write into the external location 'theZipcode' may contain unencrypted data from $@ | test.cpp:99:42:99:51 | theZipcode | this source. |
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-359/semmle/tests/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-359/semmle/tests/test.cpp
@@ -4,45 +4,52 @@
 typedef int streamsize;
 
 size_t fwrite(const void *ptr, size_t size, size_t nmemb, FILE *stream);
-int fputs(const char *s, FILE *stream); 
+int fputs(const char *s, FILE *stream);
 int fputc(int c, FILE *stream);
 int fprintf(FILE *stream, const char *format, ...);
 int sprintf(char *s, const char *format, ...);
 size_t strlen(const char *s);
 
 namespace std
 {
-	template<class charT> struct char_traits;
-
-	template <class charT, class traits = char_traits<charT> >
-	class basic_ostream /*: virtual public basic_ios<charT,traits> - not needed for this test */ {
-	public:
-		typedef charT char_type;
-		basic_ostream<charT,traits>& write(const char_type* s, streamsize n);
-	};
-
-	template <class charT, class traits = char_traits<charT> >
-	class basic_ofstream : public basic_ostream<charT,traits> {
-	public:
-	};
-
-	template<class charT, class traits> basic_ostream<charT,traits>& operator<<(basic_ostream<charT,traits>&, const charT*);
-
-	typedef basic_ostream<char> ostream;
-	typedef basic_ofstream<char> ofstream;
-};
+  template <class charT>
+  struct char_traits;
+
+  template <class charT, class traits = char_traits<charT>>
+  class basic_ostream /*: virtual public basic_ios<charT,traits> - not needed for this test */
+  {
+  public:
+    typedef charT char_type;
+    basic_ostream<charT, traits> &write(const char_type *s, streamsize n);
+  };
+
+  template <class charT, class traits = char_traits<charT>>
+  class basic_ofstream : public basic_ostream<charT, traits>
+  {
+  public:
+  };
+
+  template <class charT, class traits>
+  basic_ostream<charT, traits> &operator<<(basic_ostream<charT, traits> &, const charT *);
+
+  typedef basic_ostream<char> ostream;
+  typedef basic_ofstream<char> ofstream;
+}; // namespace std
 
 using namespace std;
 
-char *encrypt(char *buffer) {
+char *encrypt(char *buffer)
+{
   return buffer;
 }
-char *func(char *buffer) {
+char *func(char *buffer)
+{
   return buffer;
 }
 
 // test for CleartextFileWrite
-void file() {
+void file()
+{
   char *theZipcode = "cleartext zipcode!";
   FILE *file;
 
@@ -55,7 +62,8 @@ void file() {
 }
 
 // test for CleartextBufferWrite
-int main(int argc, char** argv) {
+int main(int argc, char **argv)
+{
   char *medical = "medical";
   char *buff1;
   char *buff2;
@@ -75,11 +83,12 @@ int main(int argc, char** argv) {
 
   char *buff6 = encrypt(medical);
   // GOOD: encrypt first
-  sprintf(buff4, "%s", buff6); 
+  sprintf(buff4, "%s", buff6);
 }
 
 // test for CleartextFileWrite
-void stream() {
+void stream()
+{
   char *theZipcode = "cleartext zipcode!";
   ofstream mystream;
 
