Ruby: model Open4.popen4ext
@@ -38,14 +38,26 @@ module Open3 {
|
||||
*/
|
||||
class Open4Call extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
|
||||
Open4Call() {
|
||||
this = API::getTopLevelMember("Open4").getAMethodCall(["open4", "popen4", "spawn"])
|
||||
this =
|
||||
API::getTopLevelMember("Open4").getAMethodCall(["open4", "popen4", "spawn", "popen4ext"])
|
||||
}
|
||||
|
||||
override DataFlow::Node getAnArgument() { result = super.getArgument(_) }
|
||||
override DataFlow::Node getAnArgument() {
|
||||
// `popen4ext` takes an optional boolean as its first argument, but it is unlikely that we will be
|
||||
// tracking flow into a boolean value so it doesn't seem worth modeling that special case here.
|
||||
result = super.getArgument(_)
|
||||
}
|
||||
|
||||
override predicate isShellInterpreted(DataFlow::Node arg) {
|
||||
super.getNumberOfArguments() = 1 and
|
||||
arg = this.getAnArgument()
|
||||
or
|
||||
// ```rb
|
||||
// Open4.popen4ext(true, "some cmd")
|
||||
// ```
|
||||
super.getNumberOfArguments() = 2 and
|
||||
super.getArgument(0).getConstantValue().isBoolean(_) and
|
||||
arg = super.getArgument(1)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
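Review bot: In `isShellInterpreted`, the new two-argument disjunct only fires when argument 0 has a constant boolean value, so a call such as `Open4.popen4ext(close_fds, cmd)` with the flag held in a variable is not treated as shell-interpreted, and a command-injection sink there would likely go unreported. The disjunct is also not limited to `popen4ext`, so it applies to `open4`, `popen4` and `spawn` as well; adding `super.getMethodName() = "popen4ext" and` in front of it would keep it to the method the comment describes. I would record the literal-only limitation next to the Ruby example, e.g. `// Only a literal true/false flag is recognised; with a non-constant first argument the call is treated as argv-style.` The Ruby test cases added further down use only a literal `true`, so neither a `false` flag nor a non-literal one is exercised.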
@@ -15,3 +15,7 @@ open4CallExecutions
|
||||
| Open3.rb:13:1:13:24 | call to open4 |
|
||||
| Open3.rb:14:1:14:25 | call to popen4 |
|
||||
| Open3.rb:15:1:15:23 | call to spawn |
|
||||
| Open3.rb:16:1:16:27 | call to popen4ext |
|
||||
| Open3.rb:17:1:17:30 | call to popen4ext |
|
||||
| Open3.rb:18:1:18:33 | call to popen4ext |
|
||||
| Open3.rb:19:1:19:36 | call to popen4ext |
|
||||
|
||||
@@ -13,3 +13,7 @@ Open3.pipeline("echo foo", "grep bar")
|
||||
Open4::open4("echo foo")
|
||||
Open4::popen4("echo foo")
|
||||
Open4.spawn("echo bar")
|
||||
Open4.popen4ext("echo foo")
|
||||
Open4.popen4ext("echo", "foo")
|
||||
Open4.popen4ext(true, "echo foo")
|
||||
Open4.popen4ext(true, "echo", "foo")
|
||||
|
||||