Skip to content

C++: refactor some code, and add access_ok cases #8599

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 11, 2022
Merged

C++: refactor some code, and add access_ok cases #8599

merged 2 commits into from
Apr 11, 2022

Conversation

4B5F5F4B
Copy link
Contributor

I refactor some code to make the query much more clear, and access_ok is added in WriteAccessCheckMacro

@4B5F5F4B 4B5F5F4B requested a review from a team as a code owner March 30, 2022 04:31
@github-actions github-actions bot added the C++ label Mar 30, 2022
@4B5F5F4B 4B5F5F4B mentioned this pull request Mar 30, 2022
Merged
@owen-mc owen-mc changed the title refactor some code, and add access_ok cases C++: refactor some code, and add access_ok cases Mar 30, 2022
@4B5F5F4B
Copy link
Contributor Author

4B5F5F4B commented Apr 2, 2022

Why no one is reviewing my pull request?

@MathiasVP
Copy link
Contributor

Why no one is reviewing my pull request?

Hi @4B5F5F4B,

Don't worry. We haven't forgotten about your work!

Please respect that, while we enjoy every single external contribution to CodeQL, it also takes a considerable amount of time for us to review (and even schedule reviewing time!) all of these pull requests.

I'm promise that we'll get to review this PR very soon.

@MathiasVP
Copy link
Contributor

In the meantime, I note that your pull request is failing CI checks because NoCheckBeforeUnsafePutUser.ql needs to be autoformatted.

geoffw0
geoffw0 reviewed Apr 5, 2022
View reviewed changes
Copy link
Contributor

@geoffw0 geoffw0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution @4B5F5F4B !

I've made a few comments, mostly to help me understand what the changes are doing.

cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql
) and
exists(UnSafePutUserMacro unsafePutUser |
DataFlow::localFlow(DataFlow::parameterNode(this),
DataFlow::exprNode(unsafePutUser.getUserModePtr()))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@4B5F5F4B
Copy link
Contributor Author

4B5F5F4B commented Apr 6, 2022

Thanks my bro~

@4B5F5F4B
Copy link
Contributor Author

4B5F5F4B commented Apr 6, 2022

In the meantime, I note that your pull request is failing CI checks because NoCheckBeforeUnsafePutUser.ql needs to be autoformatted.

Hello, @MathiasVP

I think I did formatted the whole file by running command Format Document in VSCode, but I don't mind trying again to make CI happy:)

geoffw0
geoffw0 approved these changes Apr 6, 2022
View reviewed changes
Copy link
Contributor

@geoffw0 geoffw0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks again for the contribution!

@geoffw0 geoffw0 merged commit cb211f8 into github:main Apr 11, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geoffw0 geoffw0 geoffw0 approved these changes

Assignees
No one assigned
Labels
C++
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@4B5F5F4B @MathiasVP @geoffw0