mirror of
https://github.com/xroche/httrack.git
synced 2026-07-17 22:29:55 +03:00
* Keep cookies.txt owner-only (0600) cookie_save() wrote the jar with fopen, so live session cookies ended up world-readable under the usual umask. Create it O_CREAT 0600 on Unix (new HTS_PROTECT_FILE), fchmod pre-existing jars down to 0600 on rewrite, and close the fd if fdopen fails. The st_cookies selftest asserts both the fresh-create and the tighten-on-rewrite mode (ASan-independent, proven by reverting each fix). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Signed-off-by: Xavier Roche <roche@httrack.com> * CodeQL: exclude cpp/world-writable-file-creation The rule flags every file-creating fopen (0666 & ~umask): 53 baseline alerts over mirror/cache/log/test output where umask-controlled modes are the intended, conventional behavior. Its one real catch, the cookies jar, is now kept 0600 explicitly. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Signed-off-by: Xavier Roche <roche@httrack.com> * st_cookies: assert the saved jar is non-empty The mode assertions alone would pass a cookie_save that creates an empty 0600 file and returns 0; check st_size on both saves (proven by a negative control that skips the write loop). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Signed-off-by: Xavier Roche <roche@httrack.com> --------- Signed-off-by: Xavier Roche <roche@httrack.com> Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
64 lines
1.7 KiB
YAML
64 lines
1.7 KiB
YAML
# CodeQL static analysis (C). The security-extended suite covers the classes
|
|
# this codebase actually fights: overflows, tainted-size allocs, format bugs.
|
|
name: CodeQL
|
|
|
|
on:
|
|
push:
|
|
branches: [master]
|
|
pull_request:
|
|
schedule:
|
|
# Weekly re-scan of master so new/updated queries land without a push.
|
|
- cron: "17 4 * * 1"
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
concurrency:
|
|
group: codeql-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
analyze:
|
|
name: analyze (c-cpp)
|
|
runs-on: ubuntu-24.04
|
|
permissions:
|
|
contents: read
|
|
# Upload findings to the repo's code-scanning dashboard.
|
|
security-events: write
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
submodules: recursive
|
|
|
|
- name: Install build dependencies
|
|
run: |
|
|
set -euo pipefail
|
|
sudo apt-get update
|
|
sudo apt-get install -y --no-install-recommends \
|
|
build-essential autoconf automake libtool autoconf-archive \
|
|
zlib1g-dev libssl-dev
|
|
|
|
- uses: github/codeql-action/init@v4
|
|
with:
|
|
languages: c-cpp
|
|
build-mode: manual
|
|
queries: security-extended
|
|
# fopen's umask-controlled 0666 is intended for mirror/cache/log
|
|
# output; the one credential file (cookies.txt) is kept 0600 on Unix.
|
|
config: |
|
|
query-filters:
|
|
- exclude:
|
|
id: cpp/world-writable-file-creation
|
|
|
|
# Manual build: CodeQL traces the compiler, so build exactly what ships.
|
|
- name: Build
|
|
run: |
|
|
set -euo pipefail
|
|
autoreconf -fi
|
|
./configure
|
|
make -j"$(nproc)"
|
|
|
|
- uses: github/codeql-action/analyze@v4
|
|
with:
|
|
category: "/language:c-cpp"
|