
Commit 055c1d0

author
Robert Marsh
authored
Merge pull request #2488 from geoffw0/speedup2
CPP: Speed up SensitiveExprs.qll
2 parents ec95197 + 8ddf877 commit 055c1d0

Lines changed: 22 additions & 27 deletions
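--- a/SensitiveExprs.qll
+++ b/SensitiveExprs.qll
@@ -1,37 +1,32 @@
 import cpp
 
-private string suspicious() {
-result = "%password%" or
-result = "%passwd%" or
-result = "%account%" or
-result = "%accnt%" or
-result = "%trusted%"
+bindingset[s]
+private predicate suspicious(string s) {
+(
+s.matches("%password%") or
+s.matches("%passwd%") or
+s.matches("%account%") or
+s.matches("%accnt%") or
+s.matches("%trusted%")
+) and
+not (
+s.matches("%hashed%") or
+s.matches("%encrypted%") or
+s.matches("%crypt%")
+)
 }
 
-private string nonSuspicious() {
-result = "%hashed%" or
-result = "%encrypted%" or
-result = "%crypt%"
+class SensitiveVariable extends Variable {
+SensitiveVariable() { suspicious(getName().toLowerCase()) }
 }
 
-abstract class SensitiveExpr extends Expr { }
-
-class SensitiveVarAccess extends SensitiveExpr {
-SensitiveVarAccess() {
-this instanceof VariableAccess and
-exists(string s | this.toString().toLowerCase() = s |
-s.matches(suspicious()) and
-not s.matches(nonSuspicious())
-)
-}
+class SensitiveFunction extends Function {
+SensitiveFunction() { suspicious(getName().toLowerCase()) }
 }
 
-class SensitiveCall extends SensitiveExpr {
-SensitiveCall() {
-this instanceof FunctionCall and
-exists(string s | this.toString().toLowerCase() = s |
-s.matches(suspicious()) and
-not s.matches(nonSuspicious())
-)
+class SensitiveExpr extends Expr {
+SensitiveExpr() {
+this.(VariableAccess).getTarget() instanceof SensitiveVariable or
+this.(FunctionCall).getTarget() instanceof SensitiveFunction
 }
 }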
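Review bot: `SensitiveExpr` loses its `abstract` modifier in the new version (old line 17 vs new line 27), so any downstream `class X extends SensitiveExpr { X() { ... } }` that previously added extra sensitive expressions would now be intersected with the name heuristic instead of extending it; if that extension point was relied on, it should be kept or the change called out in the commit description. The match also moves from the expression's `toString()` to the target's `getName()`, which for calls is presumably a different string, so results may shift slightly. None of the three new public classes carry QLDoc; I would add e.g. `/** A variable whose name suggests it holds sensitive data (heuristic, name-based match). */` above `SensitiveVariable`, the analogous line above `SensitiveFunction`, and above `SensitiveExpr` a note that it covers accesses of sensitive variables and calls to sensitive functions.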
