C++/CleartextSqliteDatabase

d10c · d10c · commit 0ed27f4e81eb · 2025-10-28T09:41:40.000+01:00
diff --git a/cpp/ql/src/Security/CWE/CWE-313/CleartextSqliteDatabase.ql b/cpp/ql/src/Security/CWE/CWE-313/CleartextSqliteDatabase.ql
@@ -127,13 +127,13 @@ module FromSensitiveConfig implements DataFlow::ConfigSig {
   predicate observeDiffInformedIncrementalMode() { any() }
 
   Location getASelectedSourceLocation(DataFlow::Node source) {
-    exists(SensitiveExpr sensitive | result = sensitive.getLocation() |
+    exists(SensitiveExpr sensitive | result = [sensitive.getLocation(), source.getLocation()] |
       isSourceImpl(source, sensitive)
     )
   }
 
   Location getASelectedSinkLocation(DataFlow::Node sink) {
-    exists(SqliteFunctionCall sqliteCall | result = sqliteCall.getLocation() |
+    exists(SqliteFunctionCall sqliteCall | result = [sqliteCall.getLocation(), sink.getLocation()] |
       isSinkImpl(sink, sqliteCall, _)
     )
   }

Original file line number	Diff line number	Diff line change
`@@ -127,13 +127,13 @@ module FromSensitiveConfig implements DataFlow::ConfigSig {`
`127`	`127`	`predicate observeDiffInformedIncrementalMode() { any() }`
`128`	`128`
`129`	`129`	`Location getASelectedSourceLocation(DataFlow::Node source) {`
`130`		`- exists(SensitiveExpr sensitive \| result = sensitive.getLocation() \|`
	`130`	`+ exists(SensitiveExpr sensitive \| result = [sensitive.getLocation(), source.getLocation()] \|`
`131`	`131`	`isSourceImpl(source, sensitive)`
`132`	`132`	`)`
`133`	`133`	`}`
`134`	`134`
`135`	`135`	`Location getASelectedSinkLocation(DataFlow::Node sink) {`
`136`		`- exists(SqliteFunctionCall sqliteCall \| result = sqliteCall.getLocation() \|`
	`136`	`+ exists(SqliteFunctionCall sqliteCall \| result = [sqliteCall.getLocation(), sink.getLocation()] \|`
`137`	`137`	`isSinkImpl(sink, sqliteCall, _)`
`138`	`138`	`)`
`139`	`139`	`}`