Commit

refine the regex and add more tests
stoletheminerals committed Nov 1, 2024
1 parent 54b1aac commit e3492da
Showing 2 changed files with 6 additions and 1 deletion.
5 changes: 5 additions & 0 deletions assets/semgrep_rules/client/dangling-pointer-trait.cc
Expand Up @@ -29,3 +29,8 @@ const raw_ref<const AppListConfig, DanglingUntriaged> app_list_config_;
const raw_ref<base::WaitableEvent, AcrossTasksDanglingUntriaged> on_destroyed_;
// ruleid: dangling-pointer-trait
const raw_ref<AshProxy, LeakedDanglingUntriaged> ash_;
// ruleid: dangling-pointer-trait
const raw_ptr<Delegate, AllowPtrArithmetic | FlakyDanglingUntriaged | LeakedDanglingUntriaged> delegate_;
// ruleid: dangling-pointer-trait
const raw_ptr<Delegate, AllowPtrArithmetic
| FlakyDanglingUntriaged> delegate_;
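
Review bot: Both added cases at the end of the fixture are `ruleid` positives that begin with `AllowPtrArithmetic`, so they do not pin down what the refined regex must leave alone or how it treats a listed trait combined with a name outside the rule's alternation. Consider adding an `// ok: dangling-pointer-trait` case for a `raw_ptr` with no trait argument, plus a case where a listed trait sits next to an unlisted identifier, annotated with whichever outcome is intended.
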
2 changes: 1 addition & 1 deletion assets/semgrep_rules/client/dangling-pointer-trait.yaml
Expand Up @@ -9,7 +9,7 @@ rules:
stoletheminerals
thypon
cdesouza-chromium
pattern-regex: \braw_(ptr|ref)<[^,>]+,\s*(DanglingUntriaged|DisableDanglingPtrDetection|FlakyDanglingUntriaged|AcrossTasksDanglingUntriaged|AllowPtrArithmetic|AllowUninitialized|LeakedDanglingUntriaged|VectorExperimental|SetExperimental|CtnExperimental)\b\s*>
pattern-regex: \braw_(ptr|ref)<[^,>]+,\s*(?:\b(DanglingUntriaged|DisableDanglingPtrDetection|FlakyDanglingUntriaged|AcrossTasksDanglingUntriaged|AllowPtrArithmetic|AllowUninitialized|LeakedDanglingUntriaged|VectorExperimental|SetExperimental|CtnExperimental)\b(?:\s*\|\s*)?){1,}\s*>
message: "Detected use of a trait that disables dangling pointer checks. This requires security team approval."
severity: WARNING
languages:
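
Review bot: In the new `pattern-regex`, the repeated group accepts only names from the alternation, so a trait list that combines a listed trait with any other identifier (for example `raw_ptr<T, SomeOtherTrait | DanglingUntriaged>`, where `SomeOtherTrait` is a placeholder) never reaches the closing `\s*>` and goes unreported, which is a false negative for a rule meant to force security team approval. Consider requiring at least one listed name anywhere in the trait argument instead, along the lines of `,[^>]*\b(DanglingUntriaged|...)\b[^>]*>` with the alternation unchanged. Smaller points: `{1,}` can be written `+`, and because the separator `(?:\s*\|\s*)?` is optional after every name, a trailing `|` before `>` is also accepted.
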
