Apply suggestions from code review

Co-authored-by: Harry Maclean <hmac@github.com>
Nick Rolfe
2022-11-24 14:00:05 +00:00
parent c660ea100b
commit 1c407a28cd
4 changed files with 11 additions and 11 deletions

@@ -1,10 +1,10 @@
edges
| StackTraceExposure.rb:11:10:11:17 | call to caller : | StackTraceExposure.rb:12:12:12:13 | bt |
| StackTraceExposure.rb:11:10:11:17 | call to caller : | StackTraceExposure.rb:12:18:12:19 | bt |
nodes
| StackTraceExposure.rb:6:12:6:22 | call to backtrace | semmle.label | call to backtrace |
| StackTraceExposure.rb:6:18:6:28 | call to backtrace | semmle.label | call to backtrace |
| StackTraceExposure.rb:11:10:11:17 | call to caller : | semmle.label | call to caller : |
| StackTraceExposure.rb:12:12:12:13 | bt | semmle.label | bt |
| StackTraceExposure.rb:12:18:12:19 | bt | semmle.label | bt |
subpaths
#select
| StackTraceExposure.rb:6:12:6:22 | call to backtrace | StackTraceExposure.rb:6:12:6:22 | call to backtrace | StackTraceExposure.rb:6:12:6:22 | call to backtrace | $@ can be exposed to an external user. | StackTraceExposure.rb:6:12:6:22 | call to backtrace | Error information |
| StackTraceExposure.rb:12:12:12:13 | bt | StackTraceExposure.rb:11:10:11:17 | call to caller : | StackTraceExposure.rb:12:12:12:13 | bt | $@ can be exposed to an external user. | StackTraceExposure.rb:11:10:11:17 | call to caller | Error information |
| StackTraceExposure.rb:6:18:6:28 | call to backtrace | StackTraceExposure.rb:6:18:6:28 | call to backtrace | StackTraceExposure.rb:6:18:6:28 | call to backtrace | $@ can be exposed to an external user. | StackTraceExposure.rb:6:18:6:28 | call to backtrace | Error information |
| StackTraceExposure.rb:12:18:12:19 | bt | StackTraceExposure.rb:11:10:11:17 | call to caller : | StackTraceExposure.rb:12:18:12:19 | bt | $@ can be exposed to an external user. | StackTraceExposure.rb:11:10:11:17 | call to caller | Error information |
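Review bot: In the `#select` rows whose source is `StackTraceExposure.rb:11:10:11:17 | call to caller`, the alert text resolves to "Error information can be exposed to an external user", but `caller` returns the current call stack and no error is involved. Consider a link text such as "Stack trace information" for that source so the alert names what is actually leaked. The sink columns moving from 12 to 18 on lines 6 and 12 match the six characters of the added `body: ` keyword, and the unchanged `11:10:11:17` source location is consistent with that.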

@@ -3,13 +3,13 @@ class FooController < ApplicationController
def show
something_that_might_fail()
rescue => e
render e.backtrace, content_type: "text/plain"
render body: e.backtrace, content_type: "text/plain"
end
def show2
bt = caller()
render bt, content_type: "text/plain"
render body: bt, content_type: "text/plain"
end
end
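Review bot: Both sinks in `show` and `show2` now use only the `render body:` form, so the visible test exercises a single way of sending the backtrace to the client. Consider adding a case with another response keyword such as `render plain: bt` or `render json: bt`, plus a negative case where the backtrace goes to the logger and a generic message is rendered, so the expected output checks that the query flags the other render forms and stays quiet on the safe pattern.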