diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll index e28860dc515..004944c83e4 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll @@ -783,43 +783,9 @@ class SsaDefinitionNodeImpl extends SsaNode { } } -/** - * A node that represents an input to an SSA phi (read) definition. - * - * This allows for barrier guards to filter input to phi nodes. For example, in - * - * ```rb - * x = taint - * if x != "safe" then - * x = "safe" - * end - * sink x - * ``` - * - * the `false` edge out of `x != "safe"` guards the input from `x = taint` into the - * `phi` node after the condition. - * - * It is also relevant to filter input into phi read nodes: - * - * ```rb - * x = taint - * if b then - * if x != "safe1" then - * return - * end - * else - * if x != "safe2" then - * return - * end - * end - * - * sink x - * ``` - * - * both inputs into the phi read node after the outer condition are guarded. - */ -class SsaInputNode extends SsaNode { - override SsaImpl::DataFlowIntegration::SsaInputNode node; +/** A synthesized SSA read. */ +class SsaSynthReadNode extends SsaNode { + override SsaImpl::DataFlowIntegration::SsaSynthReadNode node; } /** An SSA definition for a `self` variable. */ diff --git a/ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql b/ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql index 1d0d6388e4f..1bf7461e7fa 100644 --- a/ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql +++ b/ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql @@ -26,7 +26,7 @@ module BarrierGuardTest implements TestSig { tag = "guarded" and exists(DataFlow::Node n | newStyleBarrierGuards(n) and - not n instanceof SsaInputNode and + not n instanceof SsaSynthReadNode and location = n.getLocation() and element = n.toString() and value = ""