hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-29 16:47:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Address more inline expectation testFailures.

Browse Source
This commit is contained in:
Geoffrey White
2026-06-26 17:56:37 +01:00
parent 93439db87b
commit 46382cbc8e
2 changed files with 12 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
ruby/ql/test/library-tests/frameworks/action_controller/filter_flow.rb
View File

@@ -9,7 +9,7 @@ end
class OneController < ActionController::Base
before_action :a
after_action :c
def a
@foo = params[:foo]
end
@@ -18,14 +18,14 @@ class OneController < ActionController::Base
end
def c
sink @foo
sink @foo # $ hasTaintFlow
end
end
class TwoController < ActionController::Base
before_action :a
after_action :c
def a
@foo = params[:foo]
end
@@ -35,14 +35,14 @@ class TwoController < ActionController::Base
end
def c
sink @foo
sink @foo # $ SPURIOUS: hasTaintFlow
end
end
class ThreeController < ActionController::Base
before_action :a
after_action :c
def a
@foo = params[:foo]
@foo = "safe"
@@ -52,14 +52,14 @@ class ThreeController < ActionController::Base
end
def c
sink @foo
sink @foo # $ SPURIOUS: hasTaintFlow
end
end
class FourController < ActionController::Base
before_action :a
after_action :c
def a
@foo.bar = params[:foo]
end
@@ -68,14 +68,14 @@ class FourController < ActionController::Base
end
def c
sink(@foo.bar)
sink(@foo.bar) # $ hasTaintFlow
end
end
class FiveController < ActionController::Base
before_action :a
after_action :c
def a
self.taint_foo
end
@@ -84,10 +84,10 @@ class FiveController < ActionController::Base
end
def c
sink @foo
sink @foo # $ hasTaintFlow
end
def taint_foo
@foo = params[:foo]
end
end
end

5
ruby/ql/test/library-tests/frameworks/action_controller/params-flow.expected
View File

@@ -270,11 +270,6 @@ nodes
| params_flow.rb:205:10:205:10 | a | semmle.label | a |
subpaths
testFailures
| filter_flow.rb:21:10:21:13 | @foo | Unexpected result: hasTaintFlow |
| filter_flow.rb:38:10:38:13 | @foo | Unexpected result: hasTaintFlow |
| filter_flow.rb:55:10:55:13 | @foo | Unexpected result: hasTaintFlow |
| filter_flow.rb:71:10:71:17 | call to bar | Unexpected result: hasTaintFlow |
| filter_flow.rb:87:11:87:14 | @foo | Unexpected result: hasTaintFlow |
#select
| filter_flow.rb:21:10:21:13 | @foo | filter_flow.rb:14:12:14:17 | call to params | filter_flow.rb:21:10:21:13 | @foo | $@ | filter_flow.rb:14:12:14:17 | call to params | call to params |
| filter_flow.rb:38:10:38:13 | @foo | filter_flow.rb:30:12:30:17 | call to params | filter_flow.rb:38:10:38:13 | @foo | $@ | filter_flow.rb:30:12:30:17 | call to params | call to params |