Skip to content

C++: Split 'gets' model. #7703

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MathiasVP merged 7 commits into from
Jan 28, 2022
Merged

C++: Split 'gets' model. #7703

MathiasVP merged 7 commits into from
Jan 28, 2022

Conversation

@geoffw0
Copy link
Contributor

@geoffw0 geoffw0 commented Jan 21, 2022

As I understand it gets should be a LocalFlowSourceFunction not a RemoteFlowSourceFunction (unlike fgets which may at least be a remote source). Fixing this required splitting the model in two, though a few parts did simplify afterwards.

This change is mostly for correctness but will fix the odd false positive, such as the test case added for cpp/cleartext-transmission (which confusingly is and remains a true positive for cpp/cleartext-storage-buffer, tested alongside, because that query is defined to not care about it being a remote source).

@geoffw0 geoffw0 added C++ no-change-note-required This PR does not need a change note labels Jan 21, 2022
@geoffw0 geoffw0 requested a review from a team as a code owner January 21, 2022 17:37
MathiasVP
MathiasVP previously approved these changes Jan 21, 2022
View reviewed changes
Copy link
Contributor

@MathiasVP MathiasVP left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Both of my comments are really something that we should fix as follow-ups, so feel free to merge this PR without changing anything.

@geoffw0
Copy link
Contributor Author

geoffw0 commented Jan 27, 2022

Fixed formatting.

MathiasVP
MathiasVP reviewed Jan 28, 2022
View reviewed changes
MathiasVP
MathiasVP approved these changes Jan 28, 2022
View reviewed changes
Copy link
Contributor

@MathiasVP MathiasVP left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@MathiasVP MathiasVP merged commit bb2feda into github:main Jan 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MathiasVP MathiasVP MathiasVP approved these changes

Assignees

No one assigned

Labels

C++ no-change-note-required This PR does not need a change note

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@geoffw0 @MathiasVP