From 14156c8160389ec10eab32160238ea32ab9496cb Mon Sep 17 00:00:00 2001 From: Andrea Brancaleoni Date: Mon, 17 Jul 2023 13:52:56 +0200 Subject: [PATCH] Update and rename brave-isolated-world-id-content-end.yaml to brave-isolated-world.yaml --- ...d-id-content-end.yaml => brave-isolated-world.yaml} | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) rename assets/semgrep_rules/c/{brave-isolated-world-id-content-end.yaml => brave-isolated-world.yaml} (57%) diff --git a/assets/semgrep_rules/c/brave-isolated-world-id-content-end.yaml b/assets/semgrep_rules/c/brave-isolated-world.yaml similarity index 57% rename from assets/semgrep_rules/c/brave-isolated-world-id-content-end.yaml rename to assets/semgrep_rules/c/brave-isolated-world.yaml index ab0037d6..c3b46a03 100644 --- a/assets/semgrep_rules/c/brave-isolated-world-id-content-end.yaml +++ b/assets/semgrep_rules/c/brave-isolated-world.yaml @@ -3,8 +3,12 @@ rules: metadata: author: Andrea Brancaleoni confidence: LOW + assignees: | + thypon + goodov + iefremov source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/c/brave-isolated-world-id-content-end.yaml - message: Security hotspot found (`ISOLATED_WORLD_ID_CONTENT_END`). A security-team member should analyze the code security for possible vulnerabilities. + message: Security hotspot found (`ISOLATED_WORLD`). A security-team member should analyze the code security for possible vulnerabilities. severity: WARNING languages: - generic @@ -16,4 +20,6 @@ rules: - "*.h" - "*.hh" - "*.hcc" - pattern-regex: ISOLATED_WORLD_ID_CONTENT_END + patterns: + - pattern-regex: ISOLATED_WORLD_ID_CONTENT_END + - pattern-regex: ISOLATED_WORLD_ID_BRAVE_INTERNAL