File tree Expand file tree Collapse file tree 1 file changed +2
-1
lines changed
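--- a/cpp/ql/src/experimental/Security/CWE/CWE-266
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-266
@@ -55,10 +55,11 @@ where
 ) and
 (
 fctmp .getArgument ( 1 ) .getValue ( ) .matches ( "%a%" ) or
+fctmp .getArgument ( 1 ) .getValue ( ) .matches ( "%w%" ) or
 // unfortunately cannot use numeric value here because // O_APPEND is defined differently on different OSes:
 // https://github.com/red/red/blob/92feb0c0d5f91e087ab35fface6906afbf99b603/runtime/definitions.reds#L477-L491
 // this may introduce false negatives
-fctmp .getArgument ( 1 ) .getValueText ( ) .matches ( "%O_APPEND% " )
+fctmp .getArgument ( 1 ) .( BitwiseOrExpr ) . getAChild * ( ) . getValueText ( ) .matches ( "O_CREAT " )
 ) and
 fctmp .getNumberOfArguments ( ) = 2 and
 not fctmp .getArgument ( 0 ) .getValue ( ) = "/dev/null" and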
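Review bot: The comment kept above the changed condition still explains why the numeric value of `O_APPEND` cannot be used, while the new line tests for `O_CREAT`, so the explanation no longer matches the check; it should read something like `// O_CREAT is defined differently on different OSes, so match the macro text rather than the numeric value`. The `.(BitwiseOrExpr)` cast also limits the match to flag arguments that are an OR of several values, so a call that passes `O_CREAT` on its own appears to be missed, which adds a false negative to a query meant to find files created without restricted permissions. Since `getAChild*()` is reflexive, dropping the cast (`fctmp.getArgument(1).getAChild*().getValueText().matches("O_CREAT")`) should cover both forms. The `where` clause starts and ends outside this hunk, so which calls `fctmp` ranges over is not visible here.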