False positive "Uncontrolled data used in path expression" in C code #16983
Comments
|
You are right that the alert makes little sense on that pull request. What happened here is that the change in the pull request caused the "fingerprint" of an existing alert to be changed. As a result CodeQL considers the original alert to be "fixed" because its fingerprint is no longer found. However, it also detects an alert with a new fingerprint and wrongly blames the pull request for this. The old and new version of the same alert can be found via: You might want to re-open the dismissed alert in case you think it is important. |
|
Thanks for the explanation. Unfortunately, the link you gave doesn't seem to work for me and leads to IMHO, the code both old and new should not raise this alert as the |
I think you need write permissions or security read permission for the repository to view that page. The URL is for the alerts list page and encodes the search terms (CodeQL query and branch), but it is only visible for users with the right permissions. It shows the same alert twice on slightly different lines due to the code change, one marked as
I agree. Technically, the file path comes directly from |
|
Thanks @aibaars . I understand now. CodeQL alerts any |
In the evaluation of sysrepo/sysrepo#3353, CodeQL seems to think there is uncontrolled data used in path expression, when there is none.
This argument to a file access function is derived from and then passed to op_export(file_path), which calls fopen(__filename).https://github.com/sysrepo/sysrepo/pull/3353/files
step_create_input_fileis the function responsible to create a unique filename, and is untouched in this diff, and it seems to be not exploitable.https://github.com/sysrepo/sysrepo/pull/3353/checks?check_run_id=27465095770
The text was updated successfully, but these errors were encountered: