Change dynamic scope to call for atomic operations #952
Conversation
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
jorik-utwente
force-pushed
the
narrow-dyn-scope-atomic-operations
branch
from
1fdde58
to
4449de5
Compare
| - or: | ||
| - number: 0x40000000 = GENERIC_WRITE | ||
| - number: 0x2 = FILE_WRITE_DATA | ||
| - match: create or open file |
There was a problem hiding this comment.
here's where things can get tricky: the scope of create or open file is (fortunately) also call, but in some other rules is a larger scope (like thread), which is impossible to match.
so, i think this change is fine.
but we should be aware that in other scenarios, there's some tricky things we might have to fix.
jorik-utwente
force-pushed
the
narrow-dyn-scope-atomic-operations
branch
from
4449de5
to
c9a586d
Compare
jorik-utwente
force-pushed
the
narrow-dyn-scope-atomic-operations
branch
from
c9a586d
to
29dc617
Compare
|
Thanks for all your suggestions, @jorik-utwente! I'm back this week to work on getting the improvements merged. |
To reduce false positives, we change the dynamic scope of a couple of operations to
call.E.g., writing to the registry is always done in one Windows API call, so we change the scope from
threadtocall.Original discussion: #951