hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Minor refactor of barrier guard code

Browse Source
This commit is contained in:
Harry Maclean
2022-11-24 17:48:41 +13:00
parent 6897fb46cb
commit 2822c94aa7
1 changed files with 30 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
ruby/ql/lib/codeql/ruby/dataflow/BarrierGuards.qll
View File

@@ -31,15 +31,15 @@ private predicate stringConstCompare(CfgNodes::AstCfgNode guard, CfgNode testedN
or or
stringConstCaseCompare(guard, testedNode, branch) stringConstCaseCompare(guard, testedNode, branch)
or or
exists(Ssa::Definition def, CfgNodes::ExprNodes::BinaryOperationCfgNode g | exists(CfgNodes::ExprNodes::BinaryOperationCfgNode g |
g = guard and g = guard and
stringConstCompareOr(guard, def, branch) and stringConstCompareOr(guard, branch) and
stringConstCompare(g.getLeftOperand(), testedNode, _) stringConstCompare(g.getLeftOperand(), testedNode, _)
) )
} }
/** /**
* Holds if `guard` is an `or` expression whose operands are string comparison guards that test `def`. * Holds if `guard` is an `or` expression whose operands are string comparison guards.
* For example: * For example:
* *
* ```rb * ```rb
@@ -47,12 +47,12 @@ private predicate stringConstCompare(CfgNodes::AstCfgNode guard, CfgNode testedN
* ``` * ```
*/ */
private predicate stringConstCompareOr( private predicate stringConstCompareOr(
CfgNodes::ExprNodes::BinaryOperationCfgNode guard, Ssa::Definition def, boolean branch CfgNodes::ExprNodes::BinaryOperationCfgNode guard, boolean branch
) { ) {
guard.getExpr() instanceof LogicalOrExpr and guard.getExpr() instanceof LogicalOrExpr and
branch = true and branch = true and
forall(CfgNode innerGuard | innerGuard = guard.getAnOperand() | forall(CfgNode innerGuard | innerGuard = guard.getAnOperand() |
stringConstCompare(innerGuard, def.getARead(), branch) stringConstCompare(innerGuard, any(Ssa::Definition def).getARead(), branch)
) )
} }
@@ -190,8 +190,8 @@ private predicate stringConstCaseCompare(
exists(CfgNodes::ExprNodes::CaseExprCfgNode case | exists(CfgNodes::ExprNodes::CaseExprCfgNode case |
case.getValue() = testedNode and case.getValue() = testedNode and
( (
exists(CfgNodes::ExprNodes::WhenClauseCfgNode branchNode | guard =
guard = branchNode and any(CfgNodes::ExprNodes::WhenClauseCfgNode branchNode |
branchNode = case.getBranch(_) and branchNode = case.getBranch(_) and
// For simplicity, consider patterns that contain only string literals or arrays of string literals // For simplicity, consider patterns that contain only string literals or arrays of string literals
forall(ExprCfgNode pattern | pattern = branchNode.getPattern(_) | forall(ExprCfgNode pattern | pattern = branchNode.getPattern(_) |
@@ -199,7 +199,8 @@ private predicate stringConstCaseCompare(
// when "foo", "bar" // when "foo", "bar"
pattern instanceof ExprNodes::StringLiteralCfgNode pattern instanceof ExprNodes::StringLiteralCfgNode
or or
exists(CfgNodes::ExprNodes::SplatExprCfgNode splat | splat = pattern | pattern =
any(CfgNodes::ExprNodes::SplatExprCfgNode splat |
// when *["foo", "bar"] // when *["foo", "bar"]
forex(ExprCfgNode elem | forex(ExprCfgNode elem |
elem = splat.getOperand().(ExprNodes::ArrayLiteralCfgNode).getAnArgument() elem = splat.getOperand().(ExprNodes::ArrayLiteralCfgNode).getAnArgument()