More false positives for C++ if(typ var = ..)

brave · Oct 12, 2023 · a0c2f88 · a0c2f88
1 parent 02c2392
commit a0c2f88
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 2 deletions.
diff --git a/assets/semgrep_rules/client/typos.cc b/assets/semgrep_rules/client/typos.cc
@@ -0,0 +1,53 @@
+  // ok: raptor-typos
+  if (auto* playlist_service =
+          playlist::PlaylistServiceFactory::GetForBrowserContext(
+              web_contents->GetBrowserContext())) {
+    playlist_service->ConfigureWebPrefsForBackgroundWebContents(web_contents,
+                                                                web_prefs);
+  }
+
+  if (host_content_settings_map) {
+    // ok: raptor-typos
+    if (std::unique_ptr<content::NavigationThrottle>
+            domain_block_navigation_throttle = brave_shields::
+                DomainBlockNavigationThrottle::MaybeCreateThrottleFor(
+                    handle, g_brave_browser_process->ad_block_service(),
+                    g_brave_browser_process->ad_block_service()
+                        ->custom_filters_provider(),
+                    EphemeralStorageServiceFactory::GetForContext(context),
+                    host_content_settings_map,
+                    g_browser_process->GetApplicationLocale())) {
+      throttles.push_back(std::move(domain_block_navigation_throttle));
+    }
+  }
+
+content::StoragePartitionConfig
+BraveContentBrowserClient::GetStoragePartitionConfigForSite(
+    content::BrowserContext* browser_context,
+    const GURL& site) {
+  // ok: raptor-typos
+  if (auto* request_otr_service =
+          request_otr::RequestOTRServiceFactory::GetForBrowserContext(
+              browser_context)) {
+    if (request_otr_service->IsOTR(site)) {
+      CHECK(site.has_host());  // upstream also does this before accessing
+                               // site.host()
+      return content::StoragePartitionConfig::Create(
+          browser_context, site.host(), /*partition_name=*/"request_otr",
+          /*in_memory=*/true);
+    }
+
+  // ruleid: raptor-typos
+  if (request_otr_service =
+          request_otr::RequestOTRServiceFactory::GetForBrowserContext(
+              browser_context)) {
+    if (request_otr_service->IsOTR(site)) {
+      CHECK(site.has_host());
+    }
+
+
+  }
+
+  return ChromeContentBrowserClient::GetStoragePartitionConfigForSite(
+      browser_context, site);
+}
diff --git a/assets/semgrep_rules/client/typos.yaml b/assets/semgrep_rules/client/typos.yaml
@@ -20,7 +20,7 @@ rules:
       The programmer accidentally uses the wrong operator, which changes
       the application logic in security-relevant ways.
       These types of errors are generally the result of a typo.
-      This rule also covers some other common typo patterns.
+      This rule also covers some other common typo patterns. (see $EXPR1)
     severity: WARNING
     languages:
       - c
@@ -39,7 +39,8 @@ rules:
         - pattern-not-inside: if (<... ($EXPR1 = $EXPR2) <= $EXPR ...>) ...
         - pattern-not-inside: if (<... ($EXPR1 = $EXPR2) > $EXPR ...>) ...
         - pattern-not-inside: if (<... ($EXPR1 = $EXPR2) >= $EXPR ...>) ...
-        - pattern-not-regex: "\\(\\s*[_a-zA-Z][_a-zA-Z0-9]{0,30}\\**\\s+\\**[_a-zA-Z][_a-zA-Z0-9]{0,30}\\s*="
+        - pattern-not-regex: "if\\s*\\(\\s*[_a-zA-Z][_a-zA-Z0-9:<>]{0,40}\\**\\s+\\**[_a-zA-Z][_a-zA-Z0-9]{0,30}\\s*"
+        - pattern-not-regex: "if\\s*\\(\\s*[_a-zA-Z][_a-zA-Z0-9*:]{0,40}<[_a-zA-Z][_a-zA-Z0-9:]{0,30}>\\s*"
       # REMOVED: False Positive on Chrome, & instead of && in comparison
       # - patterns:
       #  - pattern: if (<... $EXPR1 & $EXPR2 ...>) ...