Merge pull request #12985 from asgerf/rb/meta-query-sql-injection

Ruby: add SQL injection sinks to meta query
Asger F
2023-05-02 13:35:06 +02:00
committed by GitHub


@@ -8,6 +8,7 @@ private import codeql.ruby.security.PathInjectionCustomizations
private import codeql.ruby.security.ServerSideRequestForgeryCustomizations
private import codeql.ruby.security.UnsafeDeserializationCustomizations
private import codeql.ruby.security.UrlRedirectCustomizations
private import codeql.ruby.security.SqlInjectionCustomizations
class RelevantFile extends File {
RelevantFile() { not getRelativePath().regexpMatch(".*/test(case)?s?/.*") }
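Review bot: The `SqlInjectionCustomizations` import is appended after `UrlRedirectCustomizations`, although the surrounding imports are in alphabetical order; placing it between `ServerSideRequestForgeryCustomizations` and `UnsafeDeserializationCustomizations` would keep the list sorted. The page has lost its `+`/`-` markers, so I am inferring that this is the added line from the hunk header and the commit title. The same ordering point applies to the `kind = "SqlInjection" and result instanceof SqlInjection::Sink` disjunct in `relevantTaintSink` in the next hunk, which sits after the `UrlRedirect` case. Keeping both lists sorted makes it easier to see at a glance which sink kinds the meta query covers.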
@@ -34,6 +35,8 @@ DataFlow::Node relevantTaintSink(string kind) {
kind = "UnsafeDeserialization" and result instanceof UnsafeDeserialization::Sink
or
kind = "UrlRedirect" and result instanceof UrlRedirect::Sink
or
kind = "SqlInjection" and result instanceof SqlInjection::Sink
) and
// the sink is not a string literal
not exists(Ast::StringLiteral str |