Merge pull request github#3856 from geoffw0/qldoc5follow

rdmarsh2 · web-flow · commit e9777913a353 · 2020-06-30T16:17:37.000-07:00
C++: Make getSecureAlgorithmRegex() work as expected.
diff --git a/cpp/ql/src/semmle/code/cpp/security/Encryption.qll b/cpp/ql/src/semmle/code/cpp/security/Encryption.qll
@@ -59,15 +59,16 @@ string getASecureAlgorithmName() {
  * contain an algorithm that is known to be secure.
  */
 string getSecureAlgorithmRegex() {
-  // algorithms usually appear in names surrounded by characters that are not
-  // alphabetical characters in the same case. This handles the upper and lower
-  // case cases
-  result = "(^|.*[^A-Z])" + getASecureAlgorithmName() + "([^A-Z].*|$)"
-  or
-  // for lowercase, we want to be careful to avoid being confused by camelCase
-  // hence we require two preceding uppercase letters to be sure of a case
-  // switch, or a preceding non-alphabetic character
-  result = "(^|.*[A-Z]{2}|.*[^a-zA-Z])" + getASecureAlgorithmName().toLowerCase() + "([^a-z].*|$)"
+  result =
+    // algorithms usually appear in names surrounded by characters that are not
+    // alphabetical characters in the same case. This handles the upper and lower
+    // case cases
+    "(^|.*[^A-Z])(" + strictconcat(getASecureAlgorithmName(), "|") + ")([^A-Z].*|$)" + "|" +
+      // for lowercase, we want to be careful to avoid being confused by camelCase
+      // hence we require two preceding uppercase letters to be sure of a case
+      // switch, or a preceding non-alphabetic character
+      "(^|.*[A-Z]{2}|.*[^a-zA-Z])(" + strictconcat(getASecureAlgorithmName().toLowerCase(), "|") +
+      ")([^a-z].*|$)"
 }
 
 /**
diff --git a/cpp/ql/test/library-tests/security/encryption/test.cpp b/cpp/ql/test/library-tests/security/encryption/test.cpp
@@ -0,0 +1,12 @@
+
+void des_function(); // insecure
+void function_using_des(); // insecure
+void EncryptWithDES(); // insecure
+
+void aes_function(); // secure
+void function_using_aes(); // secure
+void EncryptionWithAES(); // secure
+
+void abc_function();
+void function_using_abc();
+void EncryptionWithABC();
diff --git a/cpp/ql/test/library-tests/security/encryption/test.expected b/cpp/ql/test/library-tests/security/encryption/test.expected
@@ -0,0 +1,9 @@
+| test.cpp:2:6:2:17 | des_function | getInsecureAlgorithmRegex |
+| test.cpp:3:6:3:23 | function_using_des | getInsecureAlgorithmRegex |
+| test.cpp:4:6:4:19 | EncryptWithDES | getInsecureAlgorithmRegex |
+| test.cpp:6:6:6:17 | aes_function | getSecureAlgorithmRegex |
+| test.cpp:7:6:7:23 | function_using_aes | getSecureAlgorithmRegex |
+| test.cpp:8:6:8:22 | EncryptionWithAES | getSecureAlgorithmRegex |
+| test.cpp:10:6:10:17 | abc_function |  |
+| test.cpp:11:6:11:23 | function_using_abc |  |
+| test.cpp:12:6:12:22 | EncryptionWithABC |  |
diff --git a/cpp/ql/test/library-tests/security/encryption/test.ql b/cpp/ql/test/library-tests/security/encryption/test.ql
@@ -0,0 +1,14 @@
+import default
+import semmle.code.cpp.security.Encryption
+
+string describe(Function f) {
+  f.getName().regexpMatch(getSecureAlgorithmRegex()) and
+  result = "getSecureAlgorithmRegex"
+  or
+  f.getName().regexpMatch(getInsecureAlgorithmRegex()) and
+  result = "getInsecureAlgorithmRegex"
+}
+
+from Function f
+where exists(f.getLocation().getFile())
+select f, concat(describe(f), ", ")
