Skip to content

Commit

Permalink
Include changes from review
Browse files Browse the repository at this point in the history
  • Loading branch information
@porcupineyhairs
porcupineyhairs committed Sep 19, 2024
1 parent 57d1035 commit ee41e65
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 10 deletions.
17 changes: 9 additions & 8 deletions cpp/ql/src/experimental/Security/CWE/CWE-295/CurlSSL.qhelp
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,16 @@
<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
<qhelp>
<overview>
Disabling verification of the SSL certificate allows man-in-the-middle attacks.
A SSL connection is vulnerable to man-in-the-middle attacks if the certification is not checked
properly.
If the peer or the host's certificate verification is not verified, the underlying SSL
communication is insecure.
<p>
Disabling verification of the SSL certificate allows man-in-the-middle attacks. A SSL
connection is vulnerable to man-in-the-middle attacks if the certification is not checked
properly. If the peer or the host's certificate verification is not verified, the underlying
SSL communication is insecure.</p>
</overview>
<recommendation>
It is recommended that all communications be done post verification of the host as well as the
peer.
<p>It is recommended that all communications be done post verification of the host as well as
the
peer.</p>
</recommendation>
<example>
<p>The following snippet disables certification verification by setting the value of <code>
Expand All @@ -27,7 +28,7 @@
<li> Related CVE: <a href="https://github.com/advisories/GHSA-5r3h-c3r7-9w4h"> CVE-2022-33684</a></li>
<li> Related security advisory: <a
href="https://huntr.com/bounties/42325662-6329-4e04-875a-49e2f5d69f78">
<code>openframeworks/openframeworks</code>
openframeworks/openframeworks
</a></li>
</references>
</qhelp>
3 changes: 1 addition & 2 deletions cpp/ql/src/experimental/Security/CWE/CWE-295/CurlSSL.ql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,6 @@ private class CurlVerificationConstant extends EnumConstantAccess {

from CurlSetOptCall c
where
c.getArgument(1) = any(CurlVerificationConstant v)
and
c.getArgument(1) = any(CurlVerificationConstant v) and
c.getArgument(2).getValue() = "0"
select c, "This call disables Secure Socket Layer and could potentially lead to MITM attacks"

0 comments on commit ee41e65

Please sign in to comment.