Merge pull request #71 from joernio/niko/ignorelowercase

Update DangerousFunctions.scala

src/main/scala/io/joern/scanners/c/CredentialDrop.scala

@@ -27,7 +27,7 @@ object CredentialDrop extends QueryBundle {
       withStrRep({ cpg =>
         // format: off
         cpg.
-          method("set(res|re|e|)uid").
+          method("(?i)set(res|re|e|)uid").
           callIn.
           whereNot(_.dominatedBy.isCall.name("set(res|re|e|)?gid"))
         // format: on
@@ -52,7 +52,7 @@ object CredentialDrop extends QueryBundle {
       withStrRep({ cpg =>
         // format: off
         cpg.
-          method("set(res|re|e|)gid").
+          method("(?i)set(res|re|e|)gid").
           callIn.
           whereNot(_.dominatedBy.isCall.name("setgroups"))
         // format: on

src/main/scala/io/joern/scanners/c/DangerousFunctions.scala

@@ -24,7 +24,7 @@ object DangerousFunctions extends QueryBundle {
       score = 8,
       withStrRep({ cpg =>
         // format: off
-        cpg.method("gets").callIn
+        cpg.method("(?i)gets").callIn
         // format: on
       }),
       tags = List(QueryTags.badfn)
@@ -45,8 +45,8 @@ object DangerousFunctions extends QueryBundle {
       score = 4,
       withStrRep({ cpg =>
         // format: off
-        val printfFns = cpg.method("printf").callIn.whereNot(_.argument.order(1).isLiteral)
-        val sprintsFns = cpg.method("(sprintf|vsprintf)").callIn.whereNot(_.argument.order(2).isLiteral)
+        val printfFns = cpg.method("(?i)printf").callIn.whereNot(_.argument.order(1).isLiteral)
+        val sprintsFns = cpg.method("(?i)(sprintf|vsprintf)").callIn.whereNot(_.argument.order(2).isLiteral)
         (printfFns ++ sprintsFns)
         // format: on
       }),
@@ -67,7 +67,7 @@ object DangerousFunctions extends QueryBundle {
       score = 4,
       withStrRep({ cpg =>
         // format: off
-        cpg.method("scanf").callIn
+        cpg.method("(?i)scanf").callIn
         // format: on
       }),
       tags = List(QueryTags.badfn)
@@ -88,7 +88,7 @@ object DangerousFunctions extends QueryBundle {
       score = 4,
       withStrRep({ cpg =>
         // format: off
-        cpg.method("(strcat|strncat)").callIn
+        cpg.method("(?i)(strcat|strncat)").callIn
         // format: on
       }),
       tags = List(QueryTags.badfn)
@@ -111,7 +111,7 @@ object DangerousFunctions extends QueryBundle {
       score = 4,
       withStrRep({ cpg =>
         // format: off
-        cpg.method("(strcpy|strncpy)").callIn
+        cpg.method("(?i)(strcpy|strncpy)").callIn
         // format: on
       }),
       tags = List(QueryTags.badfn)
@@ -133,7 +133,7 @@ object DangerousFunctions extends QueryBundle {
       score = 4,
       withStrRep({ cpg =>
         // format: off
-        cpg.method("strtok").callIn
+        cpg.method("(?i)strtok").callIn
         // format: on
       }),
       tags = List(QueryTags.badfn)
@@ -153,7 +153,7 @@ object DangerousFunctions extends QueryBundle {
       score = 4,
       withStrRep({ cpg =>
         // format: off
-        cpg.method("getwd").callIn
+        cpg.method("(?i)getwd").callIn
         // format: on
       }),
       tags = List(QueryTags.badfn)

src/main/scala/io/joern/scanners/c/HeapBasedOverflow.scala

@@ -34,7 +34,7 @@ object HeapBasedOverflow extends QueryBundle {
           where(_.argument(1).arithmetics).l
 
         cpg.
-          method("memcpy").
+          method("(?i)memcpy").
           callIn.l.
           filter { memcpyCall =>
             memcpyCall.

src/main/scala/io/joern/scanners/c/IntegerTruncations.scala

@@ -31,7 +31,8 @@ object IntegerTruncations extends QueryBundle {
       withStrRep({ cpg =>
         // format: off
         cpg.
-          method("strlen").
+          method.
+          name("(?i)strlen").
           callIn.
           inAssignment.
           target.

src/main/scala/io/joern/scanners/c/NullTermination.scala

@@ -30,7 +30,7 @@ object NullTermination extends QueryBundle {
         // format: off
         val allocations = cpg.method(".*malloc$").callIn.argument(1).l
         cpg.
-          method("strncpy").
+          method("(?i)strncpy").
           callIn.
           map { c =>
             (c.method, c.argument(1), c.argument(3))

src/main/scala/io/joern/scanners/c/RetvalChecks.scala

@@ -24,7 +24,7 @@ object RetvalChecks extends QueryBundle {
         // format: off
         implicit val noResolve: NoResolve.type = NoResolve
         val callsNotDirectlyChecked = cpg.
-          method("(read|recv|malloc)").
+          method("(?i)(read|recv|malloc)").
           callIn.
           filterNot { y =>
             val code = y.code