improve query

microsoft · Aug 20, 2024 · 1506738 · 1506738
1 parent 1c7f5c1
commit 1506738
Showing 1 changed file with 7 additions and 6 deletions.
diff --git a/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.ql b/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.ql
@@ -10,7 +10,7 @@
  * @impact Insecure Coding Practice
  * @repro.text This warning indicates that an NTSTATUS value is being explicitly cast to a Boolean type. This is likely to give undesirable results. For example, the typical success value for NTSTATUS, STATUS_SUCCESS, is false when tested as a Boolean.
  * @owner.email: [email protected]
- * @opaqueid CQLD-TODO
+ * @opaqueid CQLD-C28714
  * @problem.severity warning
  * @precision medium
  * @tags correctness
@@ -20,9 +20,10 @@
 
 import cpp
 
-from Cast c, VariableAccess va
+
+from Conversion c
 where
-  va.getTarget().getType().toString().matches("NTSTATUS") and
-  c.getExplicitlyConverted().getType().toString().matches("BOOLEAN") and
-  c.getExpr() = va 
-select va, "Cast between semantically different integer types: NTSTATUS to Boolean" 
+c.getUnconverted().getType().toString().matches("NTSTATUS") and
+c.getType().toString().matches("BOOLEAN") 
+select c.getUnconverted(), "Cast between semantically different integer types: NTSTATUS to Boolean"
+