mirror of
https://github.com/github/codeql.git
synced 2026-05-01 03:35:13 +02:00
Ruby: add flow summaries for Object#dup and Kernel#tap
This commit is contained in:
Arthur Baars
@@ -167,4 +167,14 @@ module Kernel {
|
||||
|
||||
override DataFlow::Node getCode() { result = this.getArgument(0) }
|
||||
}
|
||||
|
||||
private class TapSummary extends SimpleSummarizedCallable {
|
||||
TapSummary() { this = "tap" }
|
||||
|
||||
override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
|
||||
input = "Argument[self]" and
|
||||
output = ["ReturnValue", "Argument[block].Parameter[0]"] and
|
||||
preservesValue = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
*/
|
||||
|
||||
private import codeql.ruby.AST
|
||||
private import codeql.ruby.dataflow.FlowSummary
|
||||
|
||||
/**
|
||||
* Provides modeling for the `Object` class.
|
||||
@@ -31,4 +32,14 @@ module Object {
|
||||
"taint", "tainted?", "to_enum", "to_s", "trust", "untaint", "untrust", "untrusted?"
|
||||
]
|
||||
}
|
||||
|
||||
private class DupSummary extends SimpleSummarizedCallable {
|
||||
DupSummary() { this = "dup" }
|
||||
|
||||
override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
|
||||
input = "Argument[self]" and
|
||||
output = "ReturnValue" and
|
||||
preservesValue = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -243,3 +243,39 @@
|
||||
| local_dataflow.rb:107:9:107:17 | [post] self | local_dataflow.rb:108:3:108:9 | self |
|
||||
| local_dataflow.rb:107:9:107:17 | call to source | local_dataflow.rb:107:5:107:7 | ... && ... |
|
||||
| local_dataflow.rb:107:9:107:17 | self | local_dataflow.rb:108:3:108:9 | self |
|
||||
| local_dataflow.rb:111:1:114:3 | self (object_dup) | local_dataflow.rb:112:3:112:21 | self |
|
||||
| local_dataflow.rb:111:1:114:3 | self in object_dup | local_dataflow.rb:111:1:114:3 | self (object_dup) |
|
||||
| local_dataflow.rb:112:3:112:21 | [post] self | local_dataflow.rb:112:8:112:16 | self |
|
||||
| local_dataflow.rb:112:3:112:21 | self | local_dataflow.rb:112:8:112:16 | self |
|
||||
| local_dataflow.rb:112:8:112:16 | [post] self | local_dataflow.rb:113:3:113:25 | self |
|
||||
| local_dataflow.rb:112:8:112:16 | call to source | local_dataflow.rb:112:8:112:20 | call to dup |
|
||||
| local_dataflow.rb:112:8:112:16 | self | local_dataflow.rb:113:3:113:25 | self |
|
||||
| local_dataflow.rb:113:3:113:25 | [post] self | local_dataflow.rb:113:8:113:16 | self |
|
||||
| local_dataflow.rb:113:3:113:25 | self | local_dataflow.rb:113:8:113:16 | self |
|
||||
| local_dataflow.rb:113:8:113:16 | call to source | local_dataflow.rb:113:8:113:20 | call to dup |
|
||||
| local_dataflow.rb:113:8:113:20 | call to dup | local_dataflow.rb:113:8:113:24 | call to dup |
|
||||
| local_dataflow.rb:116:1:120:3 | self (kernel_tap) | local_dataflow.rb:117:3:117:24 | self |
|
||||
| local_dataflow.rb:116:1:120:3 | self in kernel_tap | local_dataflow.rb:116:1:120:3 | self (kernel_tap) |
|
||||
| local_dataflow.rb:117:3:117:24 | [post] self | local_dataflow.rb:117:8:117:16 | self |
|
||||
| local_dataflow.rb:117:3:117:24 | self | local_dataflow.rb:117:8:117:16 | self |
|
||||
| local_dataflow.rb:117:8:117:16 | [post] self | local_dataflow.rb:118:3:118:11 | self |
|
||||
| local_dataflow.rb:117:8:117:16 | call to source | local_dataflow.rb:117:8:117:23 | call to tap |
|
||||
| local_dataflow.rb:117:8:117:16 | self | local_dataflow.rb:118:3:118:11 | self |
|
||||
| local_dataflow.rb:118:3:118:11 | [post] self | local_dataflow.rb:119:3:119:31 | self |
|
||||
| local_dataflow.rb:118:3:118:11 | call to source | local_dataflow.rb:118:3:118:31 | call to tap |
|
||||
| local_dataflow.rb:118:3:118:11 | self | local_dataflow.rb:119:3:119:31 | self |
|
||||
| local_dataflow.rb:118:17:118:31 | <captured> | local_dataflow.rb:118:23:118:29 | self |
|
||||
| local_dataflow.rb:118:20:118:20 | x | local_dataflow.rb:118:20:118:20 | x |
|
||||
| local_dataflow.rb:118:20:118:20 | x | local_dataflow.rb:118:28:118:28 | x |
|
||||
| local_dataflow.rb:119:3:119:31 | [post] self | local_dataflow.rb:119:8:119:16 | self |
|
||||
| local_dataflow.rb:119:3:119:31 | self | local_dataflow.rb:119:8:119:16 | self |
|
||||
| local_dataflow.rb:119:8:119:16 | call to source | local_dataflow.rb:119:8:119:23 | call to tap |
|
||||
| local_dataflow.rb:119:8:119:23 | call to tap | local_dataflow.rb:119:8:119:30 | call to tap |
|
||||
| local_dataflow.rb:122:1:124:3 | self (dup_tap) | local_dataflow.rb:123:3:123:50 | self |
|
||||
| local_dataflow.rb:122:1:124:3 | self in dup_tap | local_dataflow.rb:122:1:124:3 | self (dup_tap) |
|
||||
| local_dataflow.rb:123:3:123:50 | [post] self | local_dataflow.rb:123:8:123:16 | self |
|
||||
| local_dataflow.rb:123:3:123:50 | self | local_dataflow.rb:123:8:123:16 | self |
|
||||
| local_dataflow.rb:123:8:123:16 | call to source | local_dataflow.rb:123:8:123:20 | call to dup |
|
||||
| local_dataflow.rb:123:8:123:20 | call to dup | local_dataflow.rb:123:8:123:45 | call to tap |
|
||||
| local_dataflow.rb:123:8:123:45 | call to tap | local_dataflow.rb:123:8:123:49 | call to dup |
|
||||
| local_dataflow.rb:123:26:123:45 | <captured> | local_dataflow.rb:123:32:123:43 | self |
|
||||
|
||||
@@ -14,6 +14,11 @@ ret
|
||||
| local_dataflow.rb:52:3:52:10 | "normal" |
|
||||
| local_dataflow.rb:89:3:89:9 | call to sink |
|
||||
| local_dataflow.rb:108:3:108:9 | call to sink |
|
||||
| local_dataflow.rb:113:3:113:25 | call to sink |
|
||||
| local_dataflow.rb:118:23:118:29 | call to sink |
|
||||
| local_dataflow.rb:119:3:119:31 | call to sink |
|
||||
| local_dataflow.rb:123:3:123:50 | call to sink |
|
||||
| local_dataflow.rb:123:32:123:43 | call to puts |
|
||||
arg
|
||||
| local_dataflow.rb:3:8:3:10 | self | local_dataflow.rb:3:8:3:10 | call to p | self |
|
||||
| local_dataflow.rb:3:10:3:10 | a | local_dataflow.rb:3:8:3:10 | call to p | position 0 |
|
||||
@@ -124,3 +129,44 @@ arg
|
||||
| local_dataflow.rb:107:16:107:16 | 8 | local_dataflow.rb:107:9:107:17 | call to source | position 0 |
|
||||
| local_dataflow.rb:108:3:108:9 | self | local_dataflow.rb:108:3:108:9 | call to sink | self |
|
||||
| local_dataflow.rb:108:8:108:8 | b | local_dataflow.rb:108:3:108:9 | call to sink | position 0 |
|
||||
| local_dataflow.rb:112:3:112:21 | self | local_dataflow.rb:112:3:112:21 | call to sink | self |
|
||||
| local_dataflow.rb:112:8:112:16 | call to source | local_dataflow.rb:112:8:112:20 | call to dup | self |
|
||||
| local_dataflow.rb:112:8:112:16 | self | local_dataflow.rb:112:8:112:16 | call to source | self |
|
||||
| local_dataflow.rb:112:8:112:20 | call to dup | local_dataflow.rb:112:3:112:21 | call to sink | position 0 |
|
||||
| local_dataflow.rb:112:15:112:15 | 1 | local_dataflow.rb:112:8:112:16 | call to source | position 0 |
|
||||
| local_dataflow.rb:113:3:113:25 | self | local_dataflow.rb:113:3:113:25 | call to sink | self |
|
||||
| local_dataflow.rb:113:8:113:16 | call to source | local_dataflow.rb:113:8:113:20 | call to dup | self |
|
||||
| local_dataflow.rb:113:8:113:16 | self | local_dataflow.rb:113:8:113:16 | call to source | self |
|
||||
| local_dataflow.rb:113:8:113:20 | call to dup | local_dataflow.rb:113:8:113:24 | call to dup | self |
|
||||
| local_dataflow.rb:113:8:113:24 | call to dup | local_dataflow.rb:113:3:113:25 | call to sink | position 0 |
|
||||
| local_dataflow.rb:113:15:113:15 | 1 | local_dataflow.rb:113:8:113:16 | call to source | position 0 |
|
||||
| local_dataflow.rb:117:3:117:24 | self | local_dataflow.rb:117:3:117:24 | call to sink | self |
|
||||
| local_dataflow.rb:117:8:117:16 | call to source | local_dataflow.rb:117:8:117:23 | call to tap | self |
|
||||
| local_dataflow.rb:117:8:117:16 | self | local_dataflow.rb:117:8:117:16 | call to source | self |
|
||||
| local_dataflow.rb:117:8:117:23 | call to tap | local_dataflow.rb:117:3:117:24 | call to sink | position 0 |
|
||||
| local_dataflow.rb:117:15:117:15 | 1 | local_dataflow.rb:117:8:117:16 | call to source | position 0 |
|
||||
| local_dataflow.rb:117:22:117:23 | { ... } | local_dataflow.rb:117:8:117:23 | call to tap | block |
|
||||
| local_dataflow.rb:118:3:118:11 | call to source | local_dataflow.rb:118:3:118:31 | call to tap | self |
|
||||
| local_dataflow.rb:118:3:118:11 | self | local_dataflow.rb:118:3:118:11 | call to source | self |
|
||||
| local_dataflow.rb:118:10:118:10 | 1 | local_dataflow.rb:118:3:118:11 | call to source | position 0 |
|
||||
| local_dataflow.rb:118:17:118:31 | { ... } | local_dataflow.rb:118:3:118:31 | call to tap | block |
|
||||
| local_dataflow.rb:118:23:118:29 | self | local_dataflow.rb:118:23:118:29 | call to sink | self |
|
||||
| local_dataflow.rb:118:28:118:28 | x | local_dataflow.rb:118:23:118:29 | call to sink | position 0 |
|
||||
| local_dataflow.rb:119:3:119:31 | self | local_dataflow.rb:119:3:119:31 | call to sink | self |
|
||||
| local_dataflow.rb:119:8:119:16 | call to source | local_dataflow.rb:119:8:119:23 | call to tap | self |
|
||||
| local_dataflow.rb:119:8:119:16 | self | local_dataflow.rb:119:8:119:16 | call to source | self |
|
||||
| local_dataflow.rb:119:8:119:23 | call to tap | local_dataflow.rb:119:8:119:30 | call to tap | self |
|
||||
| local_dataflow.rb:119:8:119:30 | call to tap | local_dataflow.rb:119:3:119:31 | call to sink | position 0 |
|
||||
| local_dataflow.rb:119:15:119:15 | 1 | local_dataflow.rb:119:8:119:16 | call to source | position 0 |
|
||||
| local_dataflow.rb:119:22:119:23 | { ... } | local_dataflow.rb:119:8:119:23 | call to tap | block |
|
||||
| local_dataflow.rb:119:29:119:30 | { ... } | local_dataflow.rb:119:8:119:30 | call to tap | block |
|
||||
| local_dataflow.rb:123:3:123:50 | self | local_dataflow.rb:123:3:123:50 | call to sink | self |
|
||||
| local_dataflow.rb:123:8:123:16 | call to source | local_dataflow.rb:123:8:123:20 | call to dup | self |
|
||||
| local_dataflow.rb:123:8:123:16 | self | local_dataflow.rb:123:8:123:16 | call to source | self |
|
||||
| local_dataflow.rb:123:8:123:20 | call to dup | local_dataflow.rb:123:8:123:45 | call to tap | self |
|
||||
| local_dataflow.rb:123:8:123:45 | call to tap | local_dataflow.rb:123:8:123:49 | call to dup | self |
|
||||
| local_dataflow.rb:123:8:123:49 | call to dup | local_dataflow.rb:123:3:123:50 | call to sink | position 0 |
|
||||
| local_dataflow.rb:123:15:123:15 | 1 | local_dataflow.rb:123:8:123:16 | call to source | position 0 |
|
||||
| local_dataflow.rb:123:26:123:45 | { ... } | local_dataflow.rb:123:8:123:45 | call to tap | block |
|
||||
| local_dataflow.rb:123:32:123:43 | self | local_dataflow.rb:123:32:123:43 | call to puts | self |
|
||||
| local_dataflow.rb:123:37:123:43 | "hello" | local_dataflow.rb:123:32:123:43 | call to puts | position 0 |
|
||||
|
||||
@@ -33,6 +33,28 @@ edges
|
||||
| local_dataflow.rb:106:7:106:15 | call to source : | local_dataflow.rb:108:8:108:8 | b |
|
||||
| local_dataflow.rb:107:9:107:17 | call to source : | local_dataflow.rb:108:8:108:8 | b |
|
||||
| local_dataflow.rb:107:9:107:17 | call to source : | local_dataflow.rb:108:8:108:8 | b |
|
||||
| local_dataflow.rb:112:8:112:16 | call to source : | local_dataflow.rb:112:8:112:20 | call to dup |
|
||||
| local_dataflow.rb:112:8:112:16 | call to source : | local_dataflow.rb:112:8:112:20 | call to dup |
|
||||
| local_dataflow.rb:113:8:113:16 | call to source : | local_dataflow.rb:113:8:113:20 | call to dup : |
|
||||
| local_dataflow.rb:113:8:113:16 | call to source : | local_dataflow.rb:113:8:113:20 | call to dup : |
|
||||
| local_dataflow.rb:113:8:113:20 | call to dup : | local_dataflow.rb:113:8:113:24 | call to dup |
|
||||
| local_dataflow.rb:113:8:113:20 | call to dup : | local_dataflow.rb:113:8:113:24 | call to dup |
|
||||
| local_dataflow.rb:117:8:117:16 | call to source : | local_dataflow.rb:117:8:117:23 | call to tap |
|
||||
| local_dataflow.rb:117:8:117:16 | call to source : | local_dataflow.rb:117:8:117:23 | call to tap |
|
||||
| local_dataflow.rb:118:3:118:11 | call to source : | local_dataflow.rb:118:20:118:20 | x : |
|
||||
| local_dataflow.rb:118:3:118:11 | call to source : | local_dataflow.rb:118:20:118:20 | x : |
|
||||
| local_dataflow.rb:118:20:118:20 | x : | local_dataflow.rb:118:28:118:28 | x |
|
||||
| local_dataflow.rb:118:20:118:20 | x : | local_dataflow.rb:118:28:118:28 | x |
|
||||
| local_dataflow.rb:119:8:119:16 | call to source : | local_dataflow.rb:119:8:119:23 | call to tap : |
|
||||
| local_dataflow.rb:119:8:119:16 | call to source : | local_dataflow.rb:119:8:119:23 | call to tap : |
|
||||
| local_dataflow.rb:119:8:119:23 | call to tap : | local_dataflow.rb:119:8:119:30 | call to tap |
|
||||
| local_dataflow.rb:119:8:119:23 | call to tap : | local_dataflow.rb:119:8:119:30 | call to tap |
|
||||
| local_dataflow.rb:123:8:123:16 | call to source : | local_dataflow.rb:123:8:123:20 | call to dup : |
|
||||
| local_dataflow.rb:123:8:123:16 | call to source : | local_dataflow.rb:123:8:123:20 | call to dup : |
|
||||
| local_dataflow.rb:123:8:123:20 | call to dup : | local_dataflow.rb:123:8:123:45 | call to tap : |
|
||||
| local_dataflow.rb:123:8:123:20 | call to dup : | local_dataflow.rb:123:8:123:45 | call to tap : |
|
||||
| local_dataflow.rb:123:8:123:45 | call to tap : | local_dataflow.rb:123:8:123:49 | call to dup |
|
||||
| local_dataflow.rb:123:8:123:45 | call to tap : | local_dataflow.rb:123:8:123:49 | call to dup |
|
||||
nodes
|
||||
| local_dataflow.rb:78:12:78:20 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:79:25:79:25 | b | semmle.label | b |
|
||||
@@ -80,6 +102,40 @@ nodes
|
||||
| local_dataflow.rb:107:9:107:17 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:108:8:108:8 | b | semmle.label | b |
|
||||
| local_dataflow.rb:108:8:108:8 | b | semmle.label | b |
|
||||
| local_dataflow.rb:112:8:112:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:112:8:112:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:112:8:112:20 | call to dup | semmle.label | call to dup |
|
||||
| local_dataflow.rb:112:8:112:20 | call to dup | semmle.label | call to dup |
|
||||
| local_dataflow.rb:113:8:113:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:113:8:113:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:113:8:113:20 | call to dup : | semmle.label | call to dup : |
|
||||
| local_dataflow.rb:113:8:113:20 | call to dup : | semmle.label | call to dup : |
|
||||
| local_dataflow.rb:113:8:113:24 | call to dup | semmle.label | call to dup |
|
||||
| local_dataflow.rb:113:8:113:24 | call to dup | semmle.label | call to dup |
|
||||
| local_dataflow.rb:117:8:117:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:117:8:117:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:117:8:117:23 | call to tap | semmle.label | call to tap |
|
||||
| local_dataflow.rb:117:8:117:23 | call to tap | semmle.label | call to tap |
|
||||
| local_dataflow.rb:118:3:118:11 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:118:3:118:11 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:118:20:118:20 | x : | semmle.label | x : |
|
||||
| local_dataflow.rb:118:20:118:20 | x : | semmle.label | x : |
|
||||
| local_dataflow.rb:118:28:118:28 | x | semmle.label | x |
|
||||
| local_dataflow.rb:118:28:118:28 | x | semmle.label | x |
|
||||
| local_dataflow.rb:119:8:119:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:119:8:119:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:119:8:119:23 | call to tap : | semmle.label | call to tap : |
|
||||
| local_dataflow.rb:119:8:119:23 | call to tap : | semmle.label | call to tap : |
|
||||
| local_dataflow.rb:119:8:119:30 | call to tap | semmle.label | call to tap |
|
||||
| local_dataflow.rb:119:8:119:30 | call to tap | semmle.label | call to tap |
|
||||
| local_dataflow.rb:123:8:123:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:123:8:123:16 | call to source : | semmle.label | call to source : |
|
||||
| local_dataflow.rb:123:8:123:20 | call to dup : | semmle.label | call to dup : |
|
||||
| local_dataflow.rb:123:8:123:20 | call to dup : | semmle.label | call to dup : |
|
||||
| local_dataflow.rb:123:8:123:45 | call to tap : | semmle.label | call to tap : |
|
||||
| local_dataflow.rb:123:8:123:45 | call to tap : | semmle.label | call to tap : |
|
||||
| local_dataflow.rb:123:8:123:49 | call to dup | semmle.label | call to dup |
|
||||
| local_dataflow.rb:123:8:123:49 | call to dup | semmle.label | call to dup |
|
||||
subpaths
|
||||
#select
|
||||
| local_dataflow.rb:79:25:79:25 | b | local_dataflow.rb:78:12:78:20 | call to source : | local_dataflow.rb:79:25:79:25 | b | $@ | local_dataflow.rb:78:12:78:20 | call to source : | call to source : |
|
||||
@@ -103,3 +159,9 @@ subpaths
|
||||
| local_dataflow.rb:105:8:105:8 | a | local_dataflow.rb:104:9:104:17 | call to source : | local_dataflow.rb:105:8:105:8 | a | $@ | local_dataflow.rb:104:9:104:17 | call to source : | call to source : |
|
||||
| local_dataflow.rb:108:8:108:8 | b | local_dataflow.rb:106:7:106:15 | call to source : | local_dataflow.rb:108:8:108:8 | b | $@ | local_dataflow.rb:106:7:106:15 | call to source : | call to source : |
|
||||
| local_dataflow.rb:108:8:108:8 | b | local_dataflow.rb:107:9:107:17 | call to source : | local_dataflow.rb:108:8:108:8 | b | $@ | local_dataflow.rb:107:9:107:17 | call to source : | call to source : |
|
||||
| local_dataflow.rb:112:8:112:20 | call to dup | local_dataflow.rb:112:8:112:16 | call to source : | local_dataflow.rb:112:8:112:20 | call to dup | $@ | local_dataflow.rb:112:8:112:16 | call to source : | call to source : |
|
||||
| local_dataflow.rb:113:8:113:24 | call to dup | local_dataflow.rb:113:8:113:16 | call to source : | local_dataflow.rb:113:8:113:24 | call to dup | $@ | local_dataflow.rb:113:8:113:16 | call to source : | call to source : |
|
||||
| local_dataflow.rb:117:8:117:23 | call to tap | local_dataflow.rb:117:8:117:16 | call to source : | local_dataflow.rb:117:8:117:23 | call to tap | $@ | local_dataflow.rb:117:8:117:16 | call to source : | call to source : |
|
||||
| local_dataflow.rb:118:28:118:28 | x | local_dataflow.rb:118:3:118:11 | call to source : | local_dataflow.rb:118:28:118:28 | x | $@ | local_dataflow.rb:118:3:118:11 | call to source : | call to source : |
|
||||
| local_dataflow.rb:119:8:119:30 | call to tap | local_dataflow.rb:119:8:119:16 | call to source : | local_dataflow.rb:119:8:119:30 | call to tap | $@ | local_dataflow.rb:119:8:119:16 | call to source : | call to source : |
|
||||
| local_dataflow.rb:123:8:123:49 | call to dup | local_dataflow.rb:123:8:123:16 | call to source : | local_dataflow.rb:123:8:123:49 | call to dup | $@ | local_dataflow.rb:123:8:123:16 | call to source : | call to source : |
|
||||
|
||||
@@ -107,3 +107,18 @@ def and_or
|
||||
b &&= source(8)
|
||||
sink(b) # $ hasValueFlow=7 hasValueFlow=8
|
||||
end
|
||||
|
||||
def object_dup
|
||||
sink(source(1).dup) # $ hasValueFlow=1
|
||||
sink(source(1).dup.dup) # $ hasValueFlow=1
|
||||
end
|
||||
|
||||
def kernel_tap
|
||||
sink(source(1).tap {}) # $ hasValueFlow=1
|
||||
source(1).tap { |x| sink(x) } # $ hasValueFlow=1
|
||||
sink(source(1).tap {}.tap {}) # $ hasValueFlow=1
|
||||
end
|
||||
|
||||
def dup_tap
|
||||
sink(source(1).dup.tap { |x| puts "hello" }.dup) # $ hasValueFlow=1
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user