Skip to content

Commit

Permalink
Fix annots for osemgrep test --pro with DeepScan (#3492)
Browse files Browse the repository at this point in the history 
test plan:
osemgrep-pro test --pro semgrep-rules/
  • Loading branch information
@aryx
aryx authored Oct 21, 2024
1 parent 966d1ba commit 97bd5b0
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 17 deletions.
26 changes: 13 additions & 13 deletions csharp/dotnet/security/use_ecb_mode.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ public class Encryption
{
public void EncryptWithAesEcb() {
Aes key = Aes.Create();
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
key.Mode = CipherMode.ECB;
using var encryptor = key.CreateEncryptor();
byte[] msg = new byte[32];
Expand All @@ -15,27 +15,27 @@ public void EncryptWithAesEcb() {
public void EncryptWithAesEcb2() {
Aes key = Aes.Create();
byte[] msg = new byte[32];
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
var cipherText = key.EncryptEcb(msg, PaddingMode.PKCS7);
}

public void DecryptWithAesEcb(byte[] cipherText) {
Aes key = Aes.Create();
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
key.Mode = CipherMode.ECB;
using var decryptor = key.CreateDecryptor();
var msg = decryptor.TransformFinalBlock(cipherText, 0, cipherText.Length);
}

public void DecryptWithAesEcb2(byte[] cipherText) {
Aes key = Aes.Create();
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
var msgText = key.DecryptEcb(cipherText, PaddingMode.PKCS7);
}

public void EncryptWith3DESEcb() {
TripleDES key = TripleDES.Create();
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
key.Mode = CipherMode.ECB;
using var encryptor = key.CreateEncryptor();
byte[] msg = new byte[32];
Expand All @@ -45,26 +45,26 @@ public void EncryptWith3DESEcb() {
public void EncryptWith3DESEcb2() {
TripleDES key = TripleDES.Create();
byte[] msg = new byte[32];
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
var cipherText = key.EncryptEcb(msg, PaddingMode.PKCS7);
}

public void DecryptWith3DESEcb(byte[] cipherText) {
TripleDES key = TripleDES.Create();
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
key.Mode = CipherMode.ECB;
using var decryptor = key.CreateDecryptor();
var msg = decryptor.TransformFinalBlock(cipherText, 0, cipherText.Length);
}

public void DecryptWith3DESEcb2(byte[] cipherText) {
TripleDES key = TripleDES.Create();
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
var msgText = key.DecryptEcb(cipherText, PaddingMode.PKCS7);
}

public void EncryptWithEcb(SymmetricAlgorithm key) {
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
key.Mode = CipherMode.ECB;
using var encryptor = key.CreateEncryptor();
byte[] msg = new byte[32];
Expand All @@ -73,19 +73,19 @@ public void EncryptWithEcb(SymmetricAlgorithm key) {

public void EncryptWithEcb2(SymmetricAlgorithm key) {
byte[] msg = new byte[32];
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
var cipherText = key.EncryptEcb(msg, PaddingMode.PKCS7);
}

public void DecryptWithEcb(SymmetricAlgorithm key, byte[] cipherText) {
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
key.Mode = CipherMode.ECB;
using var decryptor = key.CreateDecryptor();
var msg = decryptor.TransformFinalBlock(cipherText, 0, cipherText.Length);
}

public void DecryptWithEcb2(SymmetricAlgorithm key, byte[] cipherText) {
//ruleid: use_ecb_mode
//ruleid: deeptodoruleid: use_ecb_mode
var msgText = key.DecryptEcb(cipherText, PaddingMode.PKCS7);
}

Expand Down Expand Up @@ -124,4 +124,4 @@ public static void Main()
{
Console.WriteLine("Hello World");
}
}
}
2 changes: 1 addition & 1 deletion csharp/dotnet/security/use_weak_rng_for_keygeneration.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ public void GenerateBadKey() {
byte[] key = new byte[16];
rng.NextBytes(key);
SymmetricAlgorithm cipher = Aes.Create();
// ruleid: use_weak_rng_for_keygeneration
// ruleid: deeptodoruleid: use_weak_rng_for_keygeneration
cipher.Key = key;
}

Expand Down
4 changes: 2 additions & 2 deletions javascript/lang/security/detect-disable-mustache-escape.js
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
// ruleid:detect-disable-mustache-escape
// ruleid: detect-disable-mustache-escape
a.escapeMarkup = false;

// ok:detect-disable-mustache-escape
// deeptodook: detect-disable-mustache-escape
escapeMarkup = false;
2 changes: 1 addition & 1 deletion solidity/security/delegatecall-to-arbitrary-address.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ contract Test{

function sink(address _contract, uint256 _num) internal {
// this requires intraprocedural tainting (--pro-intrafile)
// proruleid: delegatecall-to-arbitrary-address
// proruleid: deeptodoruleid: delegatecall-to-arbitrary-address
(bool success, bytes memory data) = _contract.delegatecall(
abi.encodeWithSignature("setVars(uint256)", _num)
);
Expand Down

0 comments on commit 97bd5b0

Please sign in to comment.