hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Narrow memo method candidates earlier

Browse Source
This commit is contained in:
Harry Maclean
2022-05-23 13:05:26 +01:00
parent ef6f0e5b30
commit 457a84006c
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
View File

@@ -79,6 +79,7 @@ private predicate memoReturnedFromMethod(Method m, MemoStmt s) {
* This can cause stale or incorrect values to be returned when the method is called with different arguments.
*/
predicate isImproperMemoizationMethod(Method m, Parameter p, AssignLogicalOrExpr s) {
m instanceof MemoCandidate and
m.getName() != "initialize" and
parameterUsedInMemoValue(m, p, s) and
not parameterUsedInMemoKey(m, p, s) and