Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CPP: Add query for CWE-783 Operator Precedence Logic Error When Use Bitwise Or Logical Operations #6083

Merged
merged 12 commits into from
Aug 11, 2021
Merged

CPP: Add query for CWE-783 Operator Precedence Logic Error When Use Bitwise Or Logical Operations #6083

merged 12 commits into from
Aug 11, 2021

Conversation

ihsinme
Copy link
Contributor

@ihsinme ihsinme commented Jun 15, 2021

Good day.
in this request I am looking for possible priority errors when using logical and bit operations.

I would like to draw your attention to the isRealRange predicate, unfortunately, the restriction on int did not allow using bitShiftRight and make it more elegant.

search results in real software.
Andarix/simutrans#2
rui314/chibicc#54

@ihsinme ihsinme requested a review from a team as a code owner June 15, 2021 13:53
MathiasVP
MathiasVP reviewed Jul 20, 2021
View reviewed changes
Copy link
Contributor

@MathiasVP MathiasVP left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @ihsinme,

Thanks for another contribution! Sorry for not getting back to you with a review before now. Here is my first round of comments.

...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Outdated Show resolved Hide resolved
...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Outdated Show resolved Hide resolved
cpp/ql/test/experimental/query-tests/Security/CWE/CWE-783/semmle/tests/test.cpp Outdated Show resolved Hide resolved
...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Show resolved Hide resolved
...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Show resolved Hide resolved
...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Outdated Show resolved Hide resolved
...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Outdated Show resolved Hide resolved
...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Outdated Show resolved Hide resolved
...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Show resolved Hide resolved
...mental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Show resolved Hide resolved
ihsinme and others added 2 commits July 21, 2021 08:29
@ihsinme
Copy link
Contributor Author

ihsinme commented Jul 21, 2021

I will definitely see how to strengthen the test file for all your suggestions.

@ihsinme
Copy link
Contributor Author

ihsinme commented Aug 11, 2021

Good afternoon @MathiasVP.
I still need to do something for this PR?

@MathiasVP
Copy link
Contributor

Everything looks good! The only change needed now is to autoformat the QL file to make our CI check happy.

MathiasVP
MathiasVP approved these changes Aug 11, 2021
View reviewed changes
Copy link
Contributor

@MathiasVP MathiasVP left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@MathiasVP MathiasVP merged commit 89ce25f into github:main Aug 11, 2021
@MathiasVP MathiasVP mentioned this pull request Feb 28, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MathiasVP MathiasVP MathiasVP approved these changes

Assignees

@MathiasVP MathiasVP

Labels
C++ documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ihsinme @MathiasVP