hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Exclude some cases that are unlikely library calls.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2024-10-16 14:34:18 +02:00
parent c20f12fa6c
commit 42d35f8b9d
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingPrivate.qll
View File

@@ -162,12 +162,16 @@ private module SpeculativeTaintFlow {
predicate speculativeTaintStep(DataFlow::Node src, DataFlow::Node sink) {
exists(
DataFlowDispatch::DataFlowCall call, MethodCall srcCall,
DataFlowDispatch::ArgumentPosition argpos
DataFlowDispatch::ArgumentPosition argpos, MethodCall mc
|
// TODO: exclude neutrals and anything that has QL modeling.
not exists(DataFlowDispatch::viableCallable(call)) and
call.asCall().getExpr() = srcCall and
src.(ArgumentNode).argumentOf(call, argpos)
src.(ArgumentNode).argumentOf(call, argpos) and
call.asCall().getExpr() = mc and
not mc instanceof Operation and
not mc instanceof SetterMethodCall and
not mc instanceof ElementReference
|
not argpos.isSelf() and
sink.(DataFlowPublic::PostUpdateNode)