
Commit 3938198

committed
C++: Convert to regexp.
1 parent 611b820 commit 3938198


1 file changed

+15
-11
lines changed

1 file changed

+15
-11
lines changed

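--- a/cpp/ql/lib/semmle/code/cpp/security/PrivateData.qll
+++ b/cpp/ql/lib/semmle/code/cpp/security/PrivateData.qll
@@ -12,32 +12,36 @@
 
 import cpp
 
-/** A string for `match` that identifies strings that look like they represent private data. */
+/**
+* A string for `regexpMatch` that identifies strings that look like they
+* represent private data.
+*/
 private string privateNames() {
 result =
-[
+".*(" +
 // Inspired by the list on https://cwe.mitre.org/data/definitions/359.html
 // Government identifiers, such as Social Security Numbers
-"%social%security%",
+"social.*security|" +
 // Contact information, such as home addresses and telephone numbers
-"%postcode%", "%zipcode%", "%telephone%",
+"postcode|zipcode|telephone|" +
 // Geographic location - where the user is (or was)
-"%latitude%", "%longitude%",
+"latitude|longitude|" +
 // Financial data - such as credit card numbers, salary, bank accounts, and debts
-"%credit%card%", "%salary%", "%bank%account%",
+"credit.*card|salary|bank.*account|" +
 // Communications - e-mail addresses, private e-mail messages, SMS text messages, chat logs, etc.
-"%email%", "%mobile%", "%employer%",
+"email|mobile|employer|" +
 // Health - medical conditions, insurance status, prescription records
-"%medical%"
-]
+"medical" +
+// ---
+").*"
 }
 
 /**
 * A variable that might contain sensitive private information.
 */
 class PrivateDataVariable extends Variable {
 PrivateDataVariable() {
-this.getName().toLowerCase().matches(privateNames()) and
+this.getName().toLowerCase().regexpMatch(privateNames()) and
 not this.getUnspecifiedType() instanceof IntegralType
 }
 }
@@ -47,7 +51,7 @@ class PrivateDataVariable extends Variable {
 */
 class PrivateDataFunction extends Function {
 PrivateDataFunction() {
-this.getName().toLowerCase().matches(privateNames()) and
+this.getName().toLowerCase().regexpMatch(privateNames()) and
 not this.getUnspecifiedType() instanceof IntegralType
 }
 }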
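Review bot: The pattern built in `privateNames()` is all lowercase and case-sensitive, and the new QLDoc does not say that it must be matched against a lowercased name. It works today only because both call sites, in `PrivateDataVariable` and `PrivateDataFunction`, call `toLowerCase()` before `regexpMatch`. A later caller that passes the raw name would silently miss identifiers such as `SocialSecurityNumber`, which shows up as false negatives in the private-data queries rather than as an error. Either state the contract in the doc comment, e.g. `* The pattern is lowercase; apply it to the lowercased name.`, or make the pattern self-contained by opening it with `"(?i).*(" +`. The trailing `// ---` comment carries no information; if it exists only to keep the formatter from joining the last two string pieces, say so in the comment.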
