mirror of
https://github.com/github/codeql.git
synced 2026-04-28 18:25:24 +02:00
Ruby: Reimplement flow through captured variables using field flow
This commit is contained in:
Tom Hvitved
@@ -450,10 +450,10 @@ edges
|
||||
| array_flow.rb:403:5:403:5 | a [element 2] | array_flow.rb:404:18:404:18 | a [element 2] |
|
||||
| array_flow.rb:403:16:403:25 | call to source | array_flow.rb:403:5:403:5 | a [element 2] |
|
||||
| array_flow.rb:404:5:404:5 | b [element 2] | array_flow.rb:408:10:408:10 | b [element 2] |
|
||||
| array_flow.rb:404:9:406:7 | __synth__0__1 | array_flow.rb:404:13:404:13 | x |
|
||||
| array_flow.rb:404:13:404:13 | x | array_flow.rb:405:14:405:14 | x |
|
||||
| array_flow.rb:404:13:404:13 | x | array_flow.rb:407:10:407:10 | x |
|
||||
| array_flow.rb:404:9:406:7 | [post] { ... } [captured x] | array_flow.rb:407:10:407:10 | x |
|
||||
| array_flow.rb:404:9:406:7 | __synth__0__1 | array_flow.rb:405:14:405:14 | x |
|
||||
| array_flow.rb:404:18:404:18 | a [element 2] | array_flow.rb:404:5:404:5 | b [element 2] |
|
||||
| array_flow.rb:404:18:404:18 | a [element 2] | array_flow.rb:404:9:406:7 | [post] { ... } [captured x] |
|
||||
| array_flow.rb:404:18:404:18 | a [element 2] | array_flow.rb:404:9:406:7 | __synth__0__1 |
|
||||
| array_flow.rb:408:10:408:10 | b [element 2] | array_flow.rb:408:10:408:13 | ...[...] |
|
||||
| array_flow.rb:412:5:412:5 | a [element 2] | array_flow.rb:413:5:413:5 | a [element 2] |
|
||||
@@ -2609,8 +2609,8 @@ nodes
|
||||
| array_flow.rb:403:5:403:5 | a [element 2] | semmle.label | a [element 2] |
|
||||
| array_flow.rb:403:16:403:25 | call to source | semmle.label | call to source |
|
||||
| array_flow.rb:404:5:404:5 | b [element 2] | semmle.label | b [element 2] |
|
||||
| array_flow.rb:404:9:406:7 | [post] { ... } [captured x] | semmle.label | [post] { ... } [captured x] |
|
||||
| array_flow.rb:404:9:406:7 | __synth__0__1 | semmle.label | __synth__0__1 |
|
||||
| array_flow.rb:404:13:404:13 | x | semmle.label | x |
|
||||
| array_flow.rb:404:18:404:18 | a [element 2] | semmle.label | a [element 2] |
|
||||
| array_flow.rb:405:14:405:14 | x | semmle.label | x |
|
||||
| array_flow.rb:407:10:407:10 | x | semmle.label | x |
|
||||
|
||||
@@ -32,7 +32,8 @@ edges
|
||||
| call_sensitivity.rb:66:20:66:20 | x | call_sensitivity.rb:67:24:67:24 | x |
|
||||
| call_sensitivity.rb:67:24:67:24 | x | call_sensitivity.rb:62:18:62:18 | y |
|
||||
| call_sensitivity.rb:70:30:70:30 | x | call_sensitivity.rb:71:10:71:10 | x |
|
||||
| call_sensitivity.rb:74:18:74:18 | y | call_sensitivity.rb:76:17:76:17 | y |
|
||||
| call_sensitivity.rb:74:18:74:18 | y | call_sensitivity.rb:75:20:77:7 | do ... end [captured y] |
|
||||
| call_sensitivity.rb:75:20:77:7 | do ... end [captured y] | call_sensitivity.rb:76:17:76:17 | y |
|
||||
| call_sensitivity.rb:76:17:76:17 | y | call_sensitivity.rb:50:15:50:15 | x |
|
||||
| call_sensitivity.rb:80:15:80:15 | x | call_sensitivity.rb:81:18:81:18 | x |
|
||||
| call_sensitivity.rb:81:18:81:18 | x | call_sensitivity.rb:50:15:50:15 | x |
|
||||
@@ -121,6 +122,7 @@ nodes
|
||||
| call_sensitivity.rb:70:30:70:30 | x | semmle.label | x |
|
||||
| call_sensitivity.rb:71:10:71:10 | x | semmle.label | x |
|
||||
| call_sensitivity.rb:74:18:74:18 | y | semmle.label | y |
|
||||
| call_sensitivity.rb:75:20:77:7 | do ... end [captured y] | semmle.label | do ... end [captured y] |
|
||||
| call_sensitivity.rb:76:17:76:17 | y | semmle.label | y |
|
||||
| call_sensitivity.rb:80:15:80:15 | x | semmle.label | x |
|
||||
| call_sensitivity.rb:81:18:81:18 | x | semmle.label | x |
|
||||
|
||||
@@ -1,49 +1,115 @@
|
||||
testFailures
|
||||
edges
|
||||
| captured_variables.rb:9:24:9:24 | x | captured_variables.rb:10:20:10:20 | x |
|
||||
| captured_variables.rb:9:24:9:24 | x | captured_variables.rb:10:10:10:23 | -> { ... } [captured x] |
|
||||
| captured_variables.rb:9:24:9:24 | x | captured_variables.rb:11:5:11:6 | fn [captured x] |
|
||||
| captured_variables.rb:10:5:10:6 | fn [captured x] | captured_variables.rb:11:5:11:6 | fn [captured x] |
|
||||
| captured_variables.rb:10:10:10:23 | -> { ... } [captured x] | captured_variables.rb:10:5:10:6 | fn [captured x] |
|
||||
| captured_variables.rb:11:5:11:6 | fn [captured x] | captured_variables.rb:10:20:10:20 | x |
|
||||
| captured_variables.rb:13:20:13:29 | call to taint | captured_variables.rb:9:24:9:24 | x |
|
||||
| captured_variables.rb:29:33:29:33 | x | captured_variables.rb:31:14:31:14 | x |
|
||||
| captured_variables.rb:15:28:15:28 | x | captured_variables.rb:16:5:18:5 | -> { ... } [captured x] |
|
||||
| captured_variables.rb:20:1:20:35 | ( ... ) [captured x] | captured_variables.rb:17:14:17:14 | x |
|
||||
| captured_variables.rb:20:2:20:34 | call to capture_escape_return1 [captured x] | captured_variables.rb:20:1:20:35 | ( ... ) [captured x] |
|
||||
| captured_variables.rb:20:25:20:34 | call to taint | captured_variables.rb:15:28:15:28 | x |
|
||||
| captured_variables.rb:20:25:20:34 | call to taint | captured_variables.rb:20:2:20:34 | call to capture_escape_return1 [captured x] |
|
||||
| captured_variables.rb:22:28:22:28 | x | captured_variables.rb:23:5:25:5 | -> { ... } [captured x] |
|
||||
| captured_variables.rb:27:25:27:57 | call to capture_escape_return2 [captured x] | captured_variables.rb:24:14:24:14 | x |
|
||||
| captured_variables.rb:27:48:27:57 | call to taint | captured_variables.rb:22:28:22:28 | x |
|
||||
| captured_variables.rb:27:48:27:57 | call to taint | captured_variables.rb:27:25:27:57 | call to capture_escape_return2 [captured x] |
|
||||
| captured_variables.rb:29:33:29:33 | x | captured_variables.rb:30:10:32:5 | -> { ... } [captured x] |
|
||||
| captured_variables.rb:29:33:29:33 | x | captured_variables.rb:33:29:33:30 | fn [captured x] |
|
||||
| captured_variables.rb:30:5:30:6 | fn [captured x] | captured_variables.rb:33:29:33:30 | fn [captured x] |
|
||||
| captured_variables.rb:30:10:32:5 | -> { ... } [captured x] | captured_variables.rb:30:5:30:6 | fn [captured x] |
|
||||
| captured_variables.rb:33:29:33:30 | fn [captured x] | captured_variables.rb:31:14:31:14 | x |
|
||||
| captured_variables.rb:35:29:35:38 | call to taint | captured_variables.rb:29:33:29:33 | x |
|
||||
| captured_variables.rb:40:31:40:31 | x | captured_variables.rb:42:14:42:14 | x |
|
||||
| captured_variables.rb:37:13:37:14 | fn [captured x] | captured_variables.rb:38:5:38:6 | fn [captured x] |
|
||||
| captured_variables.rb:38:5:38:6 | fn [captured x] | captured_variables.rb:42:14:42:14 | x |
|
||||
| captured_variables.rb:40:31:40:31 | x | captured_variables.rb:41:10:43:5 | -> { ... } [captured x] |
|
||||
| captured_variables.rb:40:31:40:31 | x | captured_variables.rb:44:13:44:14 | fn [captured x] |
|
||||
| captured_variables.rb:41:5:41:6 | fn [captured x] | captured_variables.rb:44:13:44:14 | fn [captured x] |
|
||||
| captured_variables.rb:41:10:43:5 | -> { ... } [captured x] | captured_variables.rb:41:5:41:6 | fn [captured x] |
|
||||
| captured_variables.rb:44:13:44:14 | fn [captured x] | captured_variables.rb:37:13:37:14 | fn [captured x] |
|
||||
| captured_variables.rb:46:27:46:36 | call to taint | captured_variables.rb:40:31:40:31 | x |
|
||||
| captured_variables.rb:48:1:48:1 | x | captured_variables.rb:50:10:50:10 | x |
|
||||
| captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:48:1:48:1 | x |
|
||||
| captured_variables.rb:51:5:51:5 | x | captured_variables.rb:54:6:54:6 | x |
|
||||
| captured_variables.rb:51:9:51:16 | call to taint | captured_variables.rb:51:5:51:5 | x |
|
||||
| captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:49:16:52:3 | do ... end [captured x] |
|
||||
| captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:54:6:54:6 | x |
|
||||
| captured_variables.rb:49:16:52:3 | [post] do ... end [captured x] | captured_variables.rb:54:6:54:6 | x |
|
||||
| captured_variables.rb:49:16:52:3 | do ... end [captured x] | captured_variables.rb:50:10:50:10 | x |
|
||||
| captured_variables.rb:51:9:51:16 | call to taint | captured_variables.rb:49:16:52:3 | [post] do ... end [captured x] |
|
||||
| captured_variables.rb:57:19:57:19 | x | captured_variables.rb:58:18:58:18 | x |
|
||||
| captured_variables.rb:58:18:58:18 | x | captured_variables.rb:58:9:58:14 | [post] self [@field] |
|
||||
| captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:16:61:21 | self [@field] |
|
||||
| captured_variables.rb:61:16:61:21 | @field | captured_variables.rb:61:9:61:21 | return |
|
||||
| captured_variables.rb:61:16:61:21 | self [@field] | captured_variables.rb:61:16:61:21 | @field |
|
||||
| captured_variables.rb:66:1:66:3 | [post] foo [@field] | captured_variables.rb:67:16:70:3 | do ... end [captured foo, @field] |
|
||||
| captured_variables.rb:66:1:66:3 | [post] foo [@field] | captured_variables.rb:72:6:72:8 | foo [@field] |
|
||||
| captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:57:19:57:19 | x |
|
||||
| captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:66:1:66:3 | [post] foo [@field] |
|
||||
| captured_variables.rb:66:15:66:22 | call to taint | instance_variables.rb:10:19:10:19 | x |
|
||||
| captured_variables.rb:67:16:70:3 | [post] do ... end [captured foo, @field] | captured_variables.rb:72:6:72:8 | foo [@field] |
|
||||
| captured_variables.rb:67:16:70:3 | do ... end [captured foo, @field] | captured_variables.rb:68:10:68:12 | foo [@field] |
|
||||
| captured_variables.rb:68:10:68:12 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] |
|
||||
| captured_variables.rb:68:10:68:12 | foo [@field] | captured_variables.rb:68:10:68:22 | call to get_field |
|
||||
| captured_variables.rb:68:10:68:12 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
|
||||
| captured_variables.rb:69:5:69:7 | [post] foo [@field] | captured_variables.rb:67:16:70:3 | [post] do ... end [captured foo, @field] |
|
||||
| captured_variables.rb:69:19:69:26 | call to taint | captured_variables.rb:57:19:57:19 | x |
|
||||
| captured_variables.rb:69:19:69:26 | call to taint | captured_variables.rb:69:5:69:7 | [post] foo [@field] |
|
||||
| captured_variables.rb:69:19:69:26 | call to taint | instance_variables.rb:10:19:10:19 | x |
|
||||
| captured_variables.rb:72:6:72:8 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] |
|
||||
| captured_variables.rb:72:6:72:8 | foo [@field] | captured_variables.rb:72:6:72:18 | call to get_field |
|
||||
| captured_variables.rb:72:6:72:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
|
||||
| captured_variables.rb:85:1:85:1 | y | captured_variables.rb:87:10:87:10 | y |
|
||||
| captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:85:1:85:1 | y |
|
||||
| captured_variables.rb:88:5:88:5 | y | captured_variables.rb:87:10:87:10 | y |
|
||||
| captured_variables.rb:88:5:88:5 | y | captured_variables.rb:91:6:91:6 | y |
|
||||
| captured_variables.rb:88:9:88:16 | call to taint | captured_variables.rb:88:5:88:5 | y |
|
||||
| captured_variables.rb:78:20:80:7 | [post] do ... end [captured foo, @field] | captured_variables.rb:83:6:83:8 | foo [@field] |
|
||||
| captured_variables.rb:79:9:79:11 | [post] foo [@field] | captured_variables.rb:78:20:80:7 | [post] do ... end [captured foo, @field] |
|
||||
| captured_variables.rb:79:23:79:30 | call to taint | captured_variables.rb:57:19:57:19 | x |
|
||||
| captured_variables.rb:79:23:79:30 | call to taint | captured_variables.rb:79:9:79:11 | [post] foo [@field] |
|
||||
| captured_variables.rb:79:23:79:30 | call to taint | instance_variables.rb:10:19:10:19 | x |
|
||||
| captured_variables.rb:83:6:83:8 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] |
|
||||
| captured_variables.rb:83:6:83:8 | foo [@field] | captured_variables.rb:83:6:83:18 | call to get_field |
|
||||
| captured_variables.rb:83:6:83:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
|
||||
| captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:86:6:89:1 | -> { ... } [captured y] |
|
||||
| captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:90:1:90:2 | fn [captured y] |
|
||||
| captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:91:6:91:6 | y |
|
||||
| captured_variables.rb:86:1:86:2 | fn [captured y] | captured_variables.rb:90:1:90:2 | fn [captured y] |
|
||||
| captured_variables.rb:86:6:89:1 | -> { ... } [captured y] | captured_variables.rb:86:1:86:2 | fn [captured y] |
|
||||
| captured_variables.rb:88:9:88:16 | call to taint | captured_variables.rb:90:1:90:2 | [post] fn [captured y] |
|
||||
| captured_variables.rb:90:1:90:2 | [post] fn [captured y] | captured_variables.rb:91:6:91:6 | y |
|
||||
| captured_variables.rb:90:1:90:2 | fn [captured y] | captured_variables.rb:87:10:87:10 | y |
|
||||
| captured_variables.rb:93:17:93:17 | x | captured_variables.rb:94:5:96:5 | -> { ... } [captured x] |
|
||||
| captured_variables.rb:98:1:98:21 | call to capture_arg [captured x] | captured_variables.rb:95:14:95:14 | x |
|
||||
| captured_variables.rb:98:13:98:20 | call to taint | captured_variables.rb:93:17:93:17 | x |
|
||||
| captured_variables.rb:98:13:98:20 | call to taint | captured_variables.rb:98:1:98:21 | call to capture_arg [captured x] |
|
||||
| captured_variables.rb:100:21:100:21 | x | captured_variables.rb:101:11:101:11 | x |
|
||||
| captured_variables.rb:101:11:101:11 | x | captured_variables.rb:104:31:104:31 | x |
|
||||
| captured_variables.rb:104:17:104:24 | call to taint | captured_variables.rb:100:21:100:21 | x |
|
||||
| captured_variables.rb:104:31:104:31 | x | captured_variables.rb:105:10:105:10 | x |
|
||||
| captured_variables.rb:109:5:109:5 | x | captured_variables.rb:112:18:112:18 | x |
|
||||
| captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:109:5:109:5 | x |
|
||||
| captured_variables.rb:113:13:113:13 | x | captured_variables.rb:112:18:112:18 | x |
|
||||
| captured_variables.rb:113:13:113:13 | x | captured_variables.rb:118:10:118:10 | x |
|
||||
| captured_variables.rb:113:17:113:25 | call to taint | captured_variables.rb:113:13:113:13 | x |
|
||||
| captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:110:14:116:5 | -> { ... } [captured x] |
|
||||
| captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:117:5:117:10 | middle [captured x] |
|
||||
| captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:118:10:118:10 | x |
|
||||
| captured_variables.rb:110:5:110:10 | middle [captured x] | captured_variables.rb:117:5:117:10 | middle [captured x] |
|
||||
| captured_variables.rb:110:14:116:5 | -> { ... } [captured x] | captured_variables.rb:110:5:110:10 | middle [captured x] |
|
||||
| captured_variables.rb:111:9:111:13 | inner [captured x] | captured_variables.rb:115:9:115:13 | inner [captured x] |
|
||||
| captured_variables.rb:111:17:114:9 | -> { ... } [captured x] | captured_variables.rb:111:9:111:13 | inner [captured x] |
|
||||
| captured_variables.rb:113:17:113:25 | call to taint | captured_variables.rb:115:9:115:13 | [post] inner [captured x] |
|
||||
| captured_variables.rb:115:9:115:13 | [post] inner [captured x] | captured_variables.rb:117:5:117:10 | [post] middle [captured x] |
|
||||
| captured_variables.rb:115:9:115:13 | inner [captured x] | captured_variables.rb:112:18:112:18 | x |
|
||||
| captured_variables.rb:117:5:117:10 | [post] middle [captured x] | captured_variables.rb:118:10:118:10 | x |
|
||||
| captured_variables.rb:117:5:117:10 | middle [captured x] | captured_variables.rb:111:17:114:9 | -> { ... } [captured x] |
|
||||
| captured_variables.rb:117:5:117:10 | middle [captured x] | captured_variables.rb:115:9:115:13 | inner [captured x] |
|
||||
| captured_variables.rb:147:5:147:6 | [post] self [@x] | captured_variables.rb:153:14:155:7 | do ... end [captured self, @x] |
|
||||
| captured_variables.rb:147:10:147:18 | call to taint | captured_variables.rb:147:5:147:6 | [post] self [@x] |
|
||||
| captured_variables.rb:149:5:151:7 | &block [captured self, @x] | captured_variables.rb:154:14:154:15 | self [@x] |
|
||||
| captured_variables.rb:153:14:155:7 | do ... end [captured self, @x] | captured_variables.rb:149:5:151:7 | &block [captured self, @x] |
|
||||
| captured_variables.rb:154:14:154:15 | self [@x] | captured_variables.rb:154:14:154:15 | @x |
|
||||
| captured_variables.rb:160:9:160:10 | [post] self [@x] | captured_variables.rb:174:1:174:24 | call to new [@x] |
|
||||
| captured_variables.rb:160:14:160:22 | call to taint | captured_variables.rb:160:9:160:10 | [post] self [@x] |
|
||||
| captured_variables.rb:167:5:171:7 | self in baz [@x] | captured_variables.rb:169:18:169:19 | self [@x] |
|
||||
| captured_variables.rb:163:5:165:7 | &block [captured self, @x] | captured_variables.rb:169:18:169:19 | self [@x] |
|
||||
| captured_variables.rb:167:5:171:7 | self in baz [@x] | captured_variables.rb:168:18:170:11 | do ... end [captured self, @x] |
|
||||
| captured_variables.rb:168:18:170:11 | do ... end [captured self, @x] | captured_variables.rb:163:5:165:7 | &block [captured self, @x] |
|
||||
| captured_variables.rb:169:18:169:19 | self [@x] | captured_variables.rb:169:18:169:19 | @x |
|
||||
| captured_variables.rb:174:1:174:24 | call to new [@x] | captured_variables.rb:167:5:171:7 | self in baz [@x] |
|
||||
| captured_variables.rb:178:9:178:10 | [post] self [@x] | captured_variables.rb:193:1:193:1 | [post] c [@x] |
|
||||
| captured_variables.rb:178:14:178:22 | call to taint | captured_variables.rb:178:9:178:10 | [post] self [@x] |
|
||||
| captured_variables.rb:185:5:189:7 | self in baz [@x] | captured_variables.rb:187:18:187:19 | self [@x] |
|
||||
| captured_variables.rb:181:5:183:7 | &block [captured self, @x] | captured_variables.rb:187:18:187:19 | self [@x] |
|
||||
| captured_variables.rb:185:5:189:7 | self in baz [@x] | captured_variables.rb:186:18:188:11 | do ... end [captured self, @x] |
|
||||
| captured_variables.rb:186:18:188:11 | do ... end [captured self, @x] | captured_variables.rb:181:5:183:7 | &block [captured self, @x] |
|
||||
| captured_variables.rb:187:18:187:19 | self [@x] | captured_variables.rb:187:18:187:19 | @x |
|
||||
| captured_variables.rb:193:1:193:1 | [post] c [@x] | captured_variables.rb:194:1:194:1 | c [@x] |
|
||||
| captured_variables.rb:194:1:194:1 | c [@x] | captured_variables.rb:185:5:189:7 | self in baz [@x] |
|
||||
@@ -188,18 +254,40 @@ edges
|
||||
| instance_variables.rb:121:7:121:24 | call to new | instance_variables.rb:121:1:121:3 | bar |
|
||||
nodes
|
||||
| captured_variables.rb:9:24:9:24 | x | semmle.label | x |
|
||||
| captured_variables.rb:10:5:10:6 | fn [captured x] | semmle.label | fn [captured x] |
|
||||
| captured_variables.rb:10:10:10:23 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
|
||||
| captured_variables.rb:10:20:10:20 | x | semmle.label | x |
|
||||
| captured_variables.rb:11:5:11:6 | fn [captured x] | semmle.label | fn [captured x] |
|
||||
| captured_variables.rb:13:20:13:29 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:15:28:15:28 | x | semmle.label | x |
|
||||
| captured_variables.rb:16:5:18:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
|
||||
| captured_variables.rb:17:14:17:14 | x | semmle.label | x |
|
||||
| captured_variables.rb:20:1:20:35 | ( ... ) [captured x] | semmle.label | ( ... ) [captured x] |
|
||||
| captured_variables.rb:20:2:20:34 | call to capture_escape_return1 [captured x] | semmle.label | call to capture_escape_return1 [captured x] |
|
||||
| captured_variables.rb:20:25:20:34 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:22:28:22:28 | x | semmle.label | x |
|
||||
| captured_variables.rb:23:5:25:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
|
||||
| captured_variables.rb:24:14:24:14 | x | semmle.label | x |
|
||||
| captured_variables.rb:27:25:27:57 | call to capture_escape_return2 [captured x] | semmle.label | call to capture_escape_return2 [captured x] |
|
||||
| captured_variables.rb:27:48:27:57 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:29:33:29:33 | x | semmle.label | x |
|
||||
| captured_variables.rb:30:5:30:6 | fn [captured x] | semmle.label | fn [captured x] |
|
||||
| captured_variables.rb:30:10:32:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
|
||||
| captured_variables.rb:31:14:31:14 | x | semmle.label | x |
|
||||
| captured_variables.rb:33:29:33:30 | fn [captured x] | semmle.label | fn [captured x] |
|
||||
| captured_variables.rb:35:29:35:38 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:37:13:37:14 | fn [captured x] | semmle.label | fn [captured x] |
|
||||
| captured_variables.rb:38:5:38:6 | fn [captured x] | semmle.label | fn [captured x] |
|
||||
| captured_variables.rb:40:31:40:31 | x | semmle.label | x |
|
||||
| captured_variables.rb:41:5:41:6 | fn [captured x] | semmle.label | fn [captured x] |
|
||||
| captured_variables.rb:41:10:43:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
|
||||
| captured_variables.rb:42:14:42:14 | x | semmle.label | x |
|
||||
| captured_variables.rb:44:13:44:14 | fn [captured x] | semmle.label | fn [captured x] |
|
||||
| captured_variables.rb:46:27:46:36 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:48:1:48:1 | x | semmle.label | x |
|
||||
| captured_variables.rb:48:5:48:12 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:49:16:52:3 | [post] do ... end [captured x] | semmle.label | [post] do ... end [captured x] |
|
||||
| captured_variables.rb:49:16:52:3 | do ... end [captured x] | semmle.label | do ... end [captured x] |
|
||||
| captured_variables.rb:50:10:50:10 | x | semmle.label | x |
|
||||
| captured_variables.rb:51:5:51:5 | x | semmle.label | x |
|
||||
| captured_variables.rb:51:9:51:16 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:54:6:54:6 | x | semmle.label | x |
|
||||
| captured_variables.rb:57:19:57:19 | x | semmle.label | x |
|
||||
@@ -211,34 +299,68 @@ nodes
|
||||
| captured_variables.rb:61:16:61:21 | self [@field] | semmle.label | self [@field] |
|
||||
| captured_variables.rb:66:1:66:3 | [post] foo [@field] | semmle.label | [post] foo [@field] |
|
||||
| captured_variables.rb:66:15:66:22 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:67:16:70:3 | [post] do ... end [captured foo, @field] | semmle.label | [post] do ... end [captured foo, @field] |
|
||||
| captured_variables.rb:67:16:70:3 | do ... end [captured foo, @field] | semmle.label | do ... end [captured foo, @field] |
|
||||
| captured_variables.rb:68:10:68:12 | foo [@field] | semmle.label | foo [@field] |
|
||||
| captured_variables.rb:68:10:68:22 | call to get_field | semmle.label | call to get_field |
|
||||
| captured_variables.rb:69:5:69:7 | [post] foo [@field] | semmle.label | [post] foo [@field] |
|
||||
| captured_variables.rb:69:19:69:26 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:72:6:72:8 | foo [@field] | semmle.label | foo [@field] |
|
||||
| captured_variables.rb:72:6:72:18 | call to get_field | semmle.label | call to get_field |
|
||||
| captured_variables.rb:85:1:85:1 | y | semmle.label | y |
|
||||
| captured_variables.rb:78:20:80:7 | [post] do ... end [captured foo, @field] | semmle.label | [post] do ... end [captured foo, @field] |
|
||||
| captured_variables.rb:79:9:79:11 | [post] foo [@field] | semmle.label | [post] foo [@field] |
|
||||
| captured_variables.rb:79:23:79:30 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:83:6:83:8 | foo [@field] | semmle.label | foo [@field] |
|
||||
| captured_variables.rb:83:6:83:18 | call to get_field | semmle.label | call to get_field |
|
||||
| captured_variables.rb:85:5:85:12 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:86:1:86:2 | fn [captured y] | semmle.label | fn [captured y] |
|
||||
| captured_variables.rb:86:6:89:1 | -> { ... } [captured y] | semmle.label | -> { ... } [captured y] |
|
||||
| captured_variables.rb:87:10:87:10 | y | semmle.label | y |
|
||||
| captured_variables.rb:88:5:88:5 | y | semmle.label | y |
|
||||
| captured_variables.rb:88:9:88:16 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:90:1:90:2 | [post] fn [captured y] | semmle.label | [post] fn [captured y] |
|
||||
| captured_variables.rb:90:1:90:2 | fn [captured y] | semmle.label | fn [captured y] |
|
||||
| captured_variables.rb:91:6:91:6 | y | semmle.label | y |
|
||||
| captured_variables.rb:93:17:93:17 | x | semmle.label | x |
|
||||
| captured_variables.rb:94:5:96:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
|
||||
| captured_variables.rb:95:14:95:14 | x | semmle.label | x |
|
||||
| captured_variables.rb:98:1:98:21 | call to capture_arg [captured x] | semmle.label | call to capture_arg [captured x] |
|
||||
| captured_variables.rb:98:13:98:20 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:100:21:100:21 | x | semmle.label | x |
|
||||
| captured_variables.rb:101:11:101:11 | x | semmle.label | x |
|
||||
| captured_variables.rb:104:17:104:24 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:104:31:104:31 | x | semmle.label | x |
|
||||
| captured_variables.rb:105:10:105:10 | x | semmle.label | x |
|
||||
| captured_variables.rb:109:5:109:5 | x | semmle.label | x |
|
||||
| captured_variables.rb:109:9:109:17 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:110:5:110:10 | middle [captured x] | semmle.label | middle [captured x] |
|
||||
| captured_variables.rb:110:14:116:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
|
||||
| captured_variables.rb:111:9:111:13 | inner [captured x] | semmle.label | inner [captured x] |
|
||||
| captured_variables.rb:111:17:114:9 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
|
||||
| captured_variables.rb:112:18:112:18 | x | semmle.label | x |
|
||||
| captured_variables.rb:113:13:113:13 | x | semmle.label | x |
|
||||
| captured_variables.rb:113:17:113:25 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:115:9:115:13 | [post] inner [captured x] | semmle.label | [post] inner [captured x] |
|
||||
| captured_variables.rb:115:9:115:13 | inner [captured x] | semmle.label | inner [captured x] |
|
||||
| captured_variables.rb:117:5:117:10 | [post] middle [captured x] | semmle.label | [post] middle [captured x] |
|
||||
| captured_variables.rb:117:5:117:10 | middle [captured x] | semmle.label | middle [captured x] |
|
||||
| captured_variables.rb:118:10:118:10 | x | semmle.label | x |
|
||||
| captured_variables.rb:147:5:147:6 | [post] self [@x] | semmle.label | [post] self [@x] |
|
||||
| captured_variables.rb:147:10:147:18 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:149:5:151:7 | &block [captured self, @x] | semmle.label | &block [captured self, @x] |
|
||||
| captured_variables.rb:153:14:155:7 | do ... end [captured self, @x] | semmle.label | do ... end [captured self, @x] |
|
||||
| captured_variables.rb:154:14:154:15 | @x | semmle.label | @x |
|
||||
| captured_variables.rb:154:14:154:15 | self [@x] | semmle.label | self [@x] |
|
||||
| captured_variables.rb:160:9:160:10 | [post] self [@x] | semmle.label | [post] self [@x] |
|
||||
| captured_variables.rb:160:14:160:22 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:163:5:165:7 | &block [captured self, @x] | semmle.label | &block [captured self, @x] |
|
||||
| captured_variables.rb:167:5:171:7 | self in baz [@x] | semmle.label | self in baz [@x] |
|
||||
| captured_variables.rb:168:18:170:11 | do ... end [captured self, @x] | semmle.label | do ... end [captured self, @x] |
|
||||
| captured_variables.rb:169:18:169:19 | @x | semmle.label | @x |
|
||||
| captured_variables.rb:169:18:169:19 | self [@x] | semmle.label | self [@x] |
|
||||
| captured_variables.rb:174:1:174:24 | call to new [@x] | semmle.label | call to new [@x] |
|
||||
| captured_variables.rb:178:9:178:10 | [post] self [@x] | semmle.label | [post] self [@x] |
|
||||
| captured_variables.rb:178:14:178:22 | call to taint | semmle.label | call to taint |
|
||||
| captured_variables.rb:181:5:183:7 | &block [captured self, @x] | semmle.label | &block [captured self, @x] |
|
||||
| captured_variables.rb:185:5:189:7 | self in baz [@x] | semmle.label | self in baz [@x] |
|
||||
| captured_variables.rb:186:18:188:11 | do ... end [captured self, @x] | semmle.label | do ... end [captured self, @x] |
|
||||
| captured_variables.rb:187:18:187:19 | @x | semmle.label | @x |
|
||||
| captured_variables.rb:187:18:187:19 | self [@x] | semmle.label | self [@x] |
|
||||
| captured_variables.rb:193:1:193:1 | [post] c [@x] | semmle.label | [post] c [@x] |
|
||||
@@ -348,10 +470,21 @@ nodes
|
||||
| instance_variables.rb:121:7:121:24 | call to new | semmle.label | call to new |
|
||||
| instance_variables.rb:122:6:122:8 | bar | semmle.label | bar |
|
||||
subpaths
|
||||
| captured_variables.rb:20:25:20:34 | call to taint | captured_variables.rb:15:28:15:28 | x | captured_variables.rb:16:5:18:5 | -> { ... } [captured x] | captured_variables.rb:20:2:20:34 | call to capture_escape_return1 [captured x] |
|
||||
| captured_variables.rb:27:48:27:57 | call to taint | captured_variables.rb:22:28:22:28 | x | captured_variables.rb:23:5:25:5 | -> { ... } [captured x] | captured_variables.rb:27:25:27:57 | call to capture_escape_return2 [captured x] |
|
||||
| captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:57:19:57:19 | x | captured_variables.rb:58:9:58:14 | [post] self [@field] | captured_variables.rb:66:1:66:3 | [post] foo [@field] |
|
||||
| captured_variables.rb:66:15:66:22 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | captured_variables.rb:66:1:66:3 | [post] foo [@field] |
|
||||
| captured_variables.rb:68:10:68:12 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:9:61:21 | return | captured_variables.rb:68:10:68:22 | call to get_field |
|
||||
| captured_variables.rb:68:10:68:12 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | captured_variables.rb:68:10:68:22 | call to get_field |
|
||||
| captured_variables.rb:69:19:69:26 | call to taint | captured_variables.rb:57:19:57:19 | x | captured_variables.rb:58:9:58:14 | [post] self [@field] | captured_variables.rb:69:5:69:7 | [post] foo [@field] |
|
||||
| captured_variables.rb:69:19:69:26 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | captured_variables.rb:69:5:69:7 | [post] foo [@field] |
|
||||
| captured_variables.rb:72:6:72:8 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:9:61:21 | return | captured_variables.rb:72:6:72:18 | call to get_field |
|
||||
| captured_variables.rb:72:6:72:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | captured_variables.rb:72:6:72:18 | call to get_field |
|
||||
| captured_variables.rb:79:23:79:30 | call to taint | captured_variables.rb:57:19:57:19 | x | captured_variables.rb:58:9:58:14 | [post] self [@field] | captured_variables.rb:79:9:79:11 | [post] foo [@field] |
|
||||
| captured_variables.rb:79:23:79:30 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | captured_variables.rb:79:9:79:11 | [post] foo [@field] |
|
||||
| captured_variables.rb:83:6:83:8 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:9:61:21 | return | captured_variables.rb:83:6:83:18 | call to get_field |
|
||||
| captured_variables.rb:83:6:83:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | captured_variables.rb:83:6:83:18 | call to get_field |
|
||||
| captured_variables.rb:98:13:98:20 | call to taint | captured_variables.rb:93:17:93:17 | x | captured_variables.rb:94:5:96:5 | -> { ... } [captured x] | captured_variables.rb:98:1:98:21 | call to capture_arg [captured x] |
|
||||
| instance_variables.rb:28:20:28:24 | field | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:28:9:28:25 | [post] self [@field] |
|
||||
| instance_variables.rb:33:13:33:13 | x | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:33:9:33:14 | call to new [@field] |
|
||||
| instance_variables.rb:36:10:36:23 | call to new [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:9:61:21 | return | instance_variables.rb:36:10:36:33 | call to get_field |
|
||||
@@ -416,18 +549,26 @@ subpaths
|
||||
| instance_variables.rb:120:6:120:10 | foo16 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:120:6:120:20 | call to get_field |
|
||||
#select
|
||||
| captured_variables.rb:10:20:10:20 | x | captured_variables.rb:13:20:13:29 | call to taint | captured_variables.rb:10:20:10:20 | x | $@ | captured_variables.rb:13:20:13:29 | call to taint | call to taint |
|
||||
| captured_variables.rb:17:14:17:14 | x | captured_variables.rb:20:25:20:34 | call to taint | captured_variables.rb:17:14:17:14 | x | $@ | captured_variables.rb:20:25:20:34 | call to taint | call to taint |
|
||||
| captured_variables.rb:24:14:24:14 | x | captured_variables.rb:27:48:27:57 | call to taint | captured_variables.rb:24:14:24:14 | x | $@ | captured_variables.rb:27:48:27:57 | call to taint | call to taint |
|
||||
| captured_variables.rb:31:14:31:14 | x | captured_variables.rb:35:29:35:38 | call to taint | captured_variables.rb:31:14:31:14 | x | $@ | captured_variables.rb:35:29:35:38 | call to taint | call to taint |
|
||||
| captured_variables.rb:42:14:42:14 | x | captured_variables.rb:46:27:46:36 | call to taint | captured_variables.rb:42:14:42:14 | x | $@ | captured_variables.rb:46:27:46:36 | call to taint | call to taint |
|
||||
| captured_variables.rb:50:10:50:10 | x | captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:50:10:50:10 | x | $@ | captured_variables.rb:48:5:48:12 | call to taint | call to taint |
|
||||
| captured_variables.rb:54:6:54:6 | x | captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:54:6:54:6 | x | $@ | captured_variables.rb:48:5:48:12 | call to taint | call to taint |
|
||||
| captured_variables.rb:54:6:54:6 | x | captured_variables.rb:51:9:51:16 | call to taint | captured_variables.rb:54:6:54:6 | x | $@ | captured_variables.rb:51:9:51:16 | call to taint | call to taint |
|
||||
| captured_variables.rb:68:10:68:22 | call to get_field | captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:68:10:68:22 | call to get_field | $@ | captured_variables.rb:66:15:66:22 | call to taint | call to taint |
|
||||
| captured_variables.rb:72:6:72:18 | call to get_field | captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:72:6:72:18 | call to get_field | $@ | captured_variables.rb:66:15:66:22 | call to taint | call to taint |
|
||||
| captured_variables.rb:72:6:72:18 | call to get_field | captured_variables.rb:69:19:69:26 | call to taint | captured_variables.rb:72:6:72:18 | call to get_field | $@ | captured_variables.rb:69:19:69:26 | call to taint | call to taint |
|
||||
| captured_variables.rb:83:6:83:18 | call to get_field | captured_variables.rb:79:23:79:30 | call to taint | captured_variables.rb:83:6:83:18 | call to get_field | $@ | captured_variables.rb:79:23:79:30 | call to taint | call to taint |
|
||||
| captured_variables.rb:87:10:87:10 | y | captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:87:10:87:10 | y | $@ | captured_variables.rb:85:5:85:12 | call to taint | call to taint |
|
||||
| captured_variables.rb:87:10:87:10 | y | captured_variables.rb:88:9:88:16 | call to taint | captured_variables.rb:87:10:87:10 | y | $@ | captured_variables.rb:88:9:88:16 | call to taint | call to taint |
|
||||
| captured_variables.rb:91:6:91:6 | y | captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:91:6:91:6 | y | $@ | captured_variables.rb:85:5:85:12 | call to taint | call to taint |
|
||||
| captured_variables.rb:91:6:91:6 | y | captured_variables.rb:88:9:88:16 | call to taint | captured_variables.rb:91:6:91:6 | y | $@ | captured_variables.rb:88:9:88:16 | call to taint | call to taint |
|
||||
| captured_variables.rb:95:14:95:14 | x | captured_variables.rb:98:13:98:20 | call to taint | captured_variables.rb:95:14:95:14 | x | $@ | captured_variables.rb:98:13:98:20 | call to taint | call to taint |
|
||||
| captured_variables.rb:105:10:105:10 | x | captured_variables.rb:104:17:104:24 | call to taint | captured_variables.rb:105:10:105:10 | x | $@ | captured_variables.rb:104:17:104:24 | call to taint | call to taint |
|
||||
| captured_variables.rb:112:18:112:18 | x | captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:112:18:112:18 | x | $@ | captured_variables.rb:109:9:109:17 | call to taint | call to taint |
|
||||
| captured_variables.rb:112:18:112:18 | x | captured_variables.rb:113:17:113:25 | call to taint | captured_variables.rb:112:18:112:18 | x | $@ | captured_variables.rb:113:17:113:25 | call to taint | call to taint |
|
||||
| captured_variables.rb:118:10:118:10 | x | captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:118:10:118:10 | x | $@ | captured_variables.rb:109:9:109:17 | call to taint | call to taint |
|
||||
| captured_variables.rb:118:10:118:10 | x | captured_variables.rb:113:17:113:25 | call to taint | captured_variables.rb:118:10:118:10 | x | $@ | captured_variables.rb:113:17:113:25 | call to taint | call to taint |
|
||||
| captured_variables.rb:154:14:154:15 | @x | captured_variables.rb:147:10:147:18 | call to taint | captured_variables.rb:154:14:154:15 | @x | $@ | captured_variables.rb:147:10:147:18 | call to taint | call to taint |
|
||||
| captured_variables.rb:169:18:169:19 | @x | captured_variables.rb:160:14:160:22 | call to taint | captured_variables.rb:169:18:169:19 | @x | $@ | captured_variables.rb:160:14:160:22 | call to taint | call to taint |
|
||||
| captured_variables.rb:187:18:187:19 | @x | captured_variables.rb:178:14:178:22 | call to taint | captured_variables.rb:187:18:187:19 | @x | $@ | captured_variables.rb:178:14:178:22 | call to taint | call to taint |
|
||||
| instance_variables.rb:20:10:20:13 | @foo | instance_variables.rb:19:12:19:21 | call to taint | instance_variables.rb:20:10:20:13 | @foo | $@ | instance_variables.rb:19:12:19:21 | call to taint | call to taint |
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
testFailures
|
||||
| captured_variables.rb:17:14:17:14 | x | Fixed missing result:hasValueFlow=1.2 |
|
||||
| captured_variables.rb:24:14:24:14 | x | Fixed missing result:hasValueFlow=1.3 |
|
||||
| captured_variables.rb:50:10:50:10 | x | Fixed missing result:hasValueFlow=2 |
|
||||
| captured_variables.rb:54:6:54:6 | x | Unexpected result: hasValueFlow=1 |
|
||||
| captured_variables.rb:72:21:72:75 | # $ MISSING: hasValueFlow=4 $ SPURIOUS: hasValueFlow=3 | Fixed spurious result:hasValueFlow=3 |
|
||||
| captured_variables.rb:91:6:91:6 | y | Unexpected result: hasValueFlow=6 |
|
||||
| captured_variables.rb:95:14:95:14 | x | Fixed missing result:hasValueFlow=8 |
|
||||
| captured_variables.rb:118:10:118:10 | x | Unexpected result: hasValueFlow=10 |
|
||||
| captured_variables.rb:68:25:68:68 | # $ hasValueFlow=3 $ MISSING: hasValueFlow=4 | Missing result:hasValueFlow=3 |
|
||||
| captured_variables.rb:72:21:72:66 | # $ hasValueFlow=4 $ SPURIOUS: hasValueFlow=3 | Fixed spurious result:hasValueFlow=3 |
|
||||
| captured_variables.rb:72:21:72:66 | # $ hasValueFlow=4 $ SPURIOUS: hasValueFlow=3 | Missing result:hasValueFlow=4 |
|
||||
| captured_variables.rb:83:21:83:38 | # $ hasValueFlow=5 | Missing result:hasValueFlow=5 |
|
||||
| captured_variables.rb:87:10:87:10 | y | Unexpected result: hasValueFlow=7 |
|
||||
| captured_variables.rb:112:18:112:18 | x | Unexpected result: hasValueFlow=11 |
|
||||
| captured_variables.rb:126:14:126:14 | x | Fixed missing result:hasValueFlow=12 |
|
||||
| captured_variables.rb:154:17:154:35 | # $ hasValueFlow=13 | Missing result:hasValueFlow=13 |
|
||||
| instance_variables.rb:20:16:20:33 | # $ hasValueFlow=7 | Missing result:hasValueFlow=7 |
|
||||
| instance_variables.rb:36:36:36:54 | # $ hasValueFlow=34 | Missing result:hasValueFlow=34 |
|
||||
| instance_variables.rb:39:36:39:54 | # $ hasValueFlow=35 | Missing result:hasValueFlow=35 |
|
||||
|
||||
@@ -14,14 +14,14 @@ capture_local_call taint(1.1)
|
||||
|
||||
def capture_escape_return1 x
|
||||
-> {
|
||||
sink(x) # $ MISSING: hasValueFlow=1.2
|
||||
sink(x) # $ hasValueFlow=1.2
|
||||
}
|
||||
end
|
||||
(capture_escape_return1 taint(1.2)).call
|
||||
|
||||
def capture_escape_return2 x
|
||||
-> {
|
||||
sink(x) # $ MISSING: hasValueFlow=1.3
|
||||
sink(x) # $ hasValueFlow=1.3
|
||||
}
|
||||
end
|
||||
Something.unknownMethod(capture_escape_return2 taint(1.3))
|
||||
@@ -51,7 +51,7 @@ x = taint(1)
|
||||
x = taint(2)
|
||||
end
|
||||
|
||||
sink x # $ hasValueFlow=2
|
||||
sink x # $ hasValueFlow=2 $ SPURIOUS: hasValueFlow=1
|
||||
|
||||
class Foo
|
||||
def set_field x
|
||||
@@ -65,11 +65,11 @@ end
|
||||
foo = Foo.new
|
||||
foo.set_field(taint(3))
|
||||
[1, 2, 3].each do |i|
|
||||
sink(foo.get_field) # $ MISSING: hasValueFlow=3 $ MISSING: hasValueFlow=4
|
||||
sink(foo.get_field) # $ hasValueFlow=3 $ MISSING: hasValueFlow=4
|
||||
foo.set_field(taint(4))
|
||||
end
|
||||
|
||||
sink(foo.get_field) # $ MISSING: hasValueFlow=4 $ SPURIOUS: hasValueFlow=3
|
||||
sink(foo.get_field) # $ hasValueFlow=4 $ SPURIOUS: hasValueFlow=3
|
||||
|
||||
foo = Foo.new
|
||||
if (rand() < 0) then
|
||||
@@ -80,19 +80,19 @@ else
|
||||
end
|
||||
end
|
||||
|
||||
sink(foo.get_field) # $ MISSING: hasValueFlow=5
|
||||
sink(foo.get_field) # $ hasValueFlow=5
|
||||
|
||||
y = taint(6)
|
||||
fn = -> {
|
||||
sink(y) # $ hasValueFlow=6 $ SPURIOUS: hasValueFlow=7
|
||||
sink(y) # $ hasValueFlow=6
|
||||
y = taint(7)
|
||||
}
|
||||
fn.call
|
||||
sink(y) # $ hasValueFlow=7
|
||||
sink(y) # $ hasValueFlow=7 $ SPURIOUS: hasValueFlow=6
|
||||
|
||||
def capture_arg x
|
||||
-> {
|
||||
sink x # $ MISSING: hasValueFlow=8
|
||||
sink x # $ hasValueFlow=8
|
||||
}
|
||||
end
|
||||
capture_arg(taint(8)).call
|
||||
@@ -109,13 +109,13 @@ def capture_nested
|
||||
x = taint(10)
|
||||
middle = -> {
|
||||
inner = -> {
|
||||
sink x # $ hasValueFlow=10 $ SPURIOUS: hasValueFlow=11
|
||||
sink x # $ hasValueFlow=10
|
||||
x = taint(11)
|
||||
}
|
||||
inner.call
|
||||
}
|
||||
middle.call
|
||||
sink x # $ hasValueFlow=11
|
||||
sink x # $ hasValueFlow=11 $ SPURIOUS: hasValueFlow=10
|
||||
end
|
||||
capture_nested
|
||||
|
||||
@@ -151,7 +151,7 @@ module CaptureModuleSelf
|
||||
end
|
||||
|
||||
self.foo do
|
||||
sink @x # $ MISSING: hasValueFlow=13
|
||||
sink @x # $ hasValueFlow=13
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
@@ -1,59 +1,57 @@
|
||||
testFailures
|
||||
edges
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:2:6:2:12 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:2:6:2:12 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:4:24:4:30 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:4:24:4:30 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:16:36:16:42 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:16:36:16:42 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:20:25:20:31 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:26:31:26:37 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:30:24:30:30 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:31:27:31:33 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:34:16:34:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:34:16:34:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:35:16:35:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:35:16:35:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:36:21:36:27 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:36:21:36:27 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:37:36:37:42 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:37:36:37:42 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:51:24:51:30 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:56:22:56:28 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:57:17:57:23 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:59:27:59:33 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:63:32:63:38 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:65:23:65:29 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:122:16:122:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:128:14:128:20 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:131:16:131:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:131:16:131:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:132:21:132:27 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:132:21:132:27 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:135:26:135:32 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:135:26:135:32 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:137:23:137:29 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:137:23:137:29 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:140:19:140:25 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:140:19:140:25 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:141:19:141:25 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:141:19:141:25 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:145:26:145:32 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:145:26:145:32 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:147:16:147:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:147:16:147:22 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:150:39:150:45 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:150:39:150:45 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:154:20:154:26 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:154:20:154:26 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:155:28:155:34 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:155:28:155:34 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:156:27:156:33 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:156:27:156:33 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:158:15:158:21 | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | summaries.rb:158:15:158:21 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:1:1:1:7 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:1:1:1:7 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:2:6:2:12 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:2:6:2:12 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:4:24:4:30 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:4:24:4:30 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:16:36:16:42 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:16:36:16:42 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:20:25:20:31 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:26:31:26:37 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:30:24:30:30 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:31:27:31:33 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:34:16:34:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:34:16:34:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:35:16:35:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:35:16:35:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:36:21:36:27 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:36:21:36:27 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:37:36:37:42 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:37:36:37:42 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:51:24:51:30 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:56:22:56:28 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:57:17:57:23 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:59:27:59:33 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:63:32:63:38 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:65:23:65:29 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:122:16:122:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:128:14:128:20 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:131:16:131:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:131:16:131:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:132:21:132:27 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:132:21:132:27 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:135:26:135:32 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:135:26:135:32 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:137:23:137:29 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:137:23:137:29 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:140:19:140:25 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:140:19:140:25 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:141:19:141:25 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:141:19:141:25 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:145:26:145:32 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:145:26:145:32 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:147:16:147:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:147:16:147:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:150:39:150:45 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:150:39:150:45 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:154:20:154:26 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:154:20:154:26 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:155:28:155:34 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:155:28:155:34 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:156:27:156:33 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:156:27:156:33 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:157:14:160:3 | do ... end [captured tainted] |
|
||||
| summaries.rb:1:11:1:36 | call to identity | summaries.rb:157:14:160:3 | do ... end [captured tainted] |
|
||||
| summaries.rb:1:20:1:36 | call to source | summaries.rb:1:11:1:36 | call to identity |
|
||||
| summaries.rb:1:20:1:36 | call to source | summaries.rb:1:11:1:36 | call to identity |
|
||||
| summaries.rb:4:1:4:8 | tainted2 | summaries.rb:9:6:9:13 | tainted2 |
|
||||
@@ -242,6 +240,7 @@ edges
|
||||
| summaries.rb:122:16:122:22 | [post] tainted | summaries.rb:154:20:154:26 | tainted |
|
||||
| summaries.rb:122:16:122:22 | [post] tainted | summaries.rb:155:28:155:34 | tainted |
|
||||
| summaries.rb:122:16:122:22 | [post] tainted | summaries.rb:156:27:156:33 | tainted |
|
||||
| summaries.rb:122:16:122:22 | [post] tainted | summaries.rb:157:14:160:3 | do ... end [captured tainted] |
|
||||
| summaries.rb:122:16:122:22 | tainted | summaries.rb:122:16:122:22 | [post] tainted |
|
||||
| summaries.rb:122:16:122:22 | tainted | summaries.rb:122:25:122:25 | [post] y |
|
||||
| summaries.rb:122:16:122:22 | tainted | summaries.rb:122:33:122:33 | [post] z |
|
||||
@@ -249,9 +248,9 @@ edges
|
||||
| summaries.rb:122:33:122:33 | [post] z | summaries.rb:125:6:125:6 | z |
|
||||
| summaries.rb:128:1:128:1 | [post] x | summaries.rb:129:6:129:6 | x |
|
||||
| summaries.rb:128:14:128:20 | tainted | summaries.rb:128:1:128:1 | [post] x |
|
||||
| summaries.rb:157:14:160:3 | do ... end [captured tainted] | summaries.rb:158:15:158:21 | tainted |
|
||||
| summaries.rb:157:14:160:3 | do ... end [captured tainted] | summaries.rb:158:15:158:21 | tainted |
|
||||
nodes
|
||||
| summaries.rb:1:1:1:7 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:1:1:1:7 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity | semmle.label | call to identity |
|
||||
| summaries.rb:1:11:1:36 | call to identity | semmle.label | call to identity |
|
||||
| summaries.rb:1:20:1:36 | call to source | semmle.label | call to source |
|
||||
@@ -491,6 +490,8 @@ nodes
|
||||
| summaries.rb:155:28:155:34 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:156:27:156:33 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:156:27:156:33 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:157:14:160:3 | do ... end [captured tainted] | semmle.label | do ... end [captured tainted] |
|
||||
| summaries.rb:157:14:160:3 | do ... end [captured tainted] | semmle.label | do ... end [captured tainted] |
|
||||
| summaries.rb:158:15:158:21 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:158:15:158:21 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:163:20:163:36 | call to source | semmle.label | call to source |
|
||||
|
||||
@@ -43,51 +43,43 @@ filterPatterns
|
||||
| app.rb:106:3:108:5 | call to before | app.rb:106:10:106:23 | "/protected/*" |
|
||||
| app.rb:111:3:113:5 | call to after | app.rb:111:9:111:23 | "/create/:slug" |
|
||||
additionalFlowSteps
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:2:22:4:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:10:21:13:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:15:23:18:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:24:26:26:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:37:16:42:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:44:53:46:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:56:32:58:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:60:48:62:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:74:11:77:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:79:11:82:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:89:16:92:5 | <captured entry> self |
|
||||
| app.rb:85:5:85:9 | [post] self | app.rb:94:15:96:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:2:22:4:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:10:21:13:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:15:23:18:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:24:26:26:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:37:16:42:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:44:53:46:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:56:32:58:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:60:48:62:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:74:11:77:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:79:11:82:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:89:16:92:5 | <captured entry> self |
|
||||
| app.rb:86:5:86:11 | [post] self | app.rb:94:15:96:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:2:22:4:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:10:21:13:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:15:23:18:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:24:26:26:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:37:16:42:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:44:53:46:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:56:32:58:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:60:48:62:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:74:11:77:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:79:11:82:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:89:16:92:5 | <captured entry> self |
|
||||
| app.rb:103:5:103:9 | [post] self | app.rb:94:15:96:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:2:22:4:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:10:21:13:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:15:23:18:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:24:26:26:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:37:16:42:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:44:53:46:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:56:32:58:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:60:48:62:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:74:11:77:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:79:11:82:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:89:16:92:5 | <captured entry> self |
|
||||
| app.rb:103:13:103:22 | [post] self | app.rb:94:15:96:5 | <captured entry> self |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:2:22:4:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:6:24:8:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:10:21:13:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:15:23:18:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:20:23:22:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:24:26:26:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:28:26:31:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:33:25:35:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:37:16:42:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:44:53:46:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:48:14:50:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:52:37:54:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:56:32:58:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:60:48:62:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:66:41:68:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:70:20:72:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:74:11:77:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:79:11:82:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:89:16:92:5 | lambda self in do ... end |
|
||||
| app.rb:84:10:87:5 | [post] do ... end | app.rb:94:15:96:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:2:22:4:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:6:24:8:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:10:21:13:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:15:23:18:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:20:23:22:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:24:26:26:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:28:26:31:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:33:25:35:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:37:16:42:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:44:53:46:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:48:14:50:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:52:37:54:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:56:32:58:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:60:48:62:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:66:41:68:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:70:20:72:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:74:11:77:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:79:11:82:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:89:16:92:5 | lambda self in do ... end |
|
||||
| app.rb:102:10:104:5 | [post] do ... end | app.rb:94:15:96:5 | lambda self in do ... end |
|
||||
|
||||
@@ -7,15 +7,15 @@ edges
|
||||
| ErbInjection.rb:8:5:8:12 | bad_text | ErbInjection.rb:19:20:19:27 | bad_text |
|
||||
| ErbInjection.rb:8:16:11:14 | ... % ... | ErbInjection.rb:8:5:8:12 | bad_text |
|
||||
| ErbInjection.rb:11:11:11:14 | name | ErbInjection.rb:8:16:11:14 | ... % ... |
|
||||
| SlimInjection.rb:5:5:5:8 | name | SlimInjection.rb:8:5:8:12 | bad_text |
|
||||
| SlimInjection.rb:5:5:5:8 | name | SlimInjection.rb:11:11:11:14 | name |
|
||||
| SlimInjection.rb:5:5:5:8 | name | SlimInjection.rb:17:5:17:13 | bad2_text |
|
||||
| SlimInjection.rb:5:5:5:8 | name | SlimInjection.rb:14:23:14:34 | { ... } [captured bad_text] |
|
||||
| SlimInjection.rb:5:5:5:8 | name | SlimInjection.rb:23:23:23:35 | { ... } [captured bad2_text] |
|
||||
| SlimInjection.rb:5:12:5:17 | call to params | SlimInjection.rb:5:12:5:24 | ...[...] |
|
||||
| SlimInjection.rb:5:12:5:24 | ...[...] | SlimInjection.rb:5:5:5:8 | name |
|
||||
| SlimInjection.rb:8:5:8:12 | bad_text | SlimInjection.rb:14:25:14:32 | bad_text |
|
||||
| SlimInjection.rb:8:16:11:14 | ... % ... | SlimInjection.rb:8:5:8:12 | bad_text |
|
||||
| SlimInjection.rb:8:16:11:14 | ... % ... | SlimInjection.rb:14:23:14:34 | { ... } [captured bad_text] |
|
||||
| SlimInjection.rb:11:11:11:14 | name | SlimInjection.rb:8:16:11:14 | ... % ... |
|
||||
| SlimInjection.rb:17:5:17:13 | bad2_text | SlimInjection.rb:23:25:23:33 | bad2_text |
|
||||
| SlimInjection.rb:14:23:14:34 | { ... } [captured bad_text] | SlimInjection.rb:14:25:14:32 | bad_text |
|
||||
| SlimInjection.rb:23:23:23:35 | { ... } [captured bad2_text] | SlimInjection.rb:23:25:23:33 | bad2_text |
|
||||
nodes
|
||||
| ErbInjection.rb:5:5:5:8 | name | semmle.label | name |
|
||||
| ErbInjection.rb:5:12:5:17 | call to params | semmle.label | call to params |
|
||||
@@ -28,11 +28,11 @@ nodes
|
||||
| SlimInjection.rb:5:5:5:8 | name | semmle.label | name |
|
||||
| SlimInjection.rb:5:12:5:17 | call to params | semmle.label | call to params |
|
||||
| SlimInjection.rb:5:12:5:24 | ...[...] | semmle.label | ...[...] |
|
||||
| SlimInjection.rb:8:5:8:12 | bad_text | semmle.label | bad_text |
|
||||
| SlimInjection.rb:8:16:11:14 | ... % ... | semmle.label | ... % ... |
|
||||
| SlimInjection.rb:11:11:11:14 | name | semmle.label | name |
|
||||
| SlimInjection.rb:14:23:14:34 | { ... } [captured bad_text] | semmle.label | { ... } [captured bad_text] |
|
||||
| SlimInjection.rb:14:25:14:32 | bad_text | semmle.label | bad_text |
|
||||
| SlimInjection.rb:17:5:17:13 | bad2_text | semmle.label | bad2_text |
|
||||
| SlimInjection.rb:23:23:23:35 | { ... } [captured bad2_text] | semmle.label | { ... } [captured bad2_text] |
|
||||
| SlimInjection.rb:23:25:23:33 | bad2_text | semmle.label | bad2_text |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -5,7 +5,9 @@ edges
|
||||
| ArchiveApiPathTraversal.rb:10:11:10:23 | ...[...] | ArchiveApiPathTraversal.rb:67:13:67:16 | file |
|
||||
| ArchiveApiPathTraversal.rb:15:9:15:14 | call to params | ArchiveApiPathTraversal.rb:15:9:15:25 | ...[...] |
|
||||
| ArchiveApiPathTraversal.rb:15:9:15:25 | ...[...] | ArchiveApiPathTraversal.rb:75:11:75:18 | filename |
|
||||
| ArchiveApiPathTraversal.rb:49:17:49:27 | destination | ArchiveApiPathTraversal.rb:52:38:52:48 | destination |
|
||||
| ArchiveApiPathTraversal.rb:49:17:49:27 | destination | ArchiveApiPathTraversal.rb:50:36:64:7 | do ... end [captured destination] |
|
||||
| ArchiveApiPathTraversal.rb:50:36:64:7 | do ... end [captured destination] | ArchiveApiPathTraversal.rb:51:16:63:9 | do ... end [captured destination] |
|
||||
| ArchiveApiPathTraversal.rb:51:16:63:9 | do ... end [captured destination] | ArchiveApiPathTraversal.rb:52:38:52:48 | destination |
|
||||
| ArchiveApiPathTraversal.rb:52:9:52:24 | destination_file | ArchiveApiPathTraversal.rb:59:21:59:36 | destination_file |
|
||||
| ArchiveApiPathTraversal.rb:52:28:52:67 | call to join | ArchiveApiPathTraversal.rb:52:9:52:24 | destination_file |
|
||||
| ArchiveApiPathTraversal.rb:52:38:52:48 | destination | ArchiveApiPathTraversal.rb:52:28:52:67 | call to join |
|
||||
@@ -72,6 +74,8 @@ nodes
|
||||
| ArchiveApiPathTraversal.rb:15:9:15:14 | call to params | semmle.label | call to params |
|
||||
| ArchiveApiPathTraversal.rb:15:9:15:25 | ...[...] | semmle.label | ...[...] |
|
||||
| ArchiveApiPathTraversal.rb:49:17:49:27 | destination | semmle.label | destination |
|
||||
| ArchiveApiPathTraversal.rb:50:36:64:7 | do ... end [captured destination] | semmle.label | do ... end [captured destination] |
|
||||
| ArchiveApiPathTraversal.rb:51:16:63:9 | do ... end [captured destination] | semmle.label | do ... end [captured destination] |
|
||||
| ArchiveApiPathTraversal.rb:52:9:52:24 | destination_file | semmle.label | destination_file |
|
||||
| ArchiveApiPathTraversal.rb:52:28:52:67 | call to join | semmle.label | call to join |
|
||||
| ArchiveApiPathTraversal.rb:52:38:52:48 | destination | semmle.label | destination |
|
||||
|
||||
@@ -4,14 +4,16 @@ edges
|
||||
| app/controllers/users_controller.rb:15:5:15:15 | unsanitized | app/controllers/users_controller.rb:23:20:23:30 | unsanitized |
|
||||
| app/controllers/users_controller.rb:15:19:15:24 | call to params | app/controllers/users_controller.rb:15:19:15:30 | ...[...] |
|
||||
| app/controllers/users_controller.rb:15:19:15:30 | ...[...] | app/controllers/users_controller.rb:15:5:15:15 | unsanitized |
|
||||
| app/controllers/users_controller.rb:23:5:23:16 | unsanitized2 | app/controllers/users_controller.rb:25:7:25:18 | unsanitized2 |
|
||||
| app/controllers/users_controller.rb:23:5:23:16 | unsanitized2 | app/controllers/users_controller.rb:27:16:27:39 | ... + ... |
|
||||
| app/controllers/users_controller.rb:23:20:23:30 | unsanitized | app/controllers/users_controller.rb:23:20:23:44 | call to sub |
|
||||
| app/controllers/users_controller.rb:23:20:23:44 | call to sub | app/controllers/users_controller.rb:23:5:23:16 | unsanitized2 |
|
||||
| app/controllers/users_controller.rb:33:5:33:15 | unsanitized | app/controllers/users_controller.rb:34:33:34:43 | unsanitized |
|
||||
| app/controllers/users_controller.rb:33:5:33:15 | unsanitized | app/controllers/users_controller.rb:35:33:35:55 | ... + ... |
|
||||
| app/controllers/users_controller.rb:23:20:23:44 | call to sub | app/controllers/users_controller.rb:24:18:26:7 | do ... end [captured unsanitized2] |
|
||||
| app/controllers/users_controller.rb:23:20:23:44 | call to sub | app/controllers/users_controller.rb:27:16:27:39 | ... + ... |
|
||||
| app/controllers/users_controller.rb:24:18:26:7 | do ... end [captured unsanitized2] | app/controllers/users_controller.rb:25:7:25:18 | unsanitized2 |
|
||||
| app/controllers/users_controller.rb:33:19:33:25 | call to cookies | app/controllers/users_controller.rb:33:19:33:31 | ...[...] |
|
||||
| app/controllers/users_controller.rb:33:19:33:31 | ...[...] | app/controllers/users_controller.rb:33:5:33:15 | unsanitized |
|
||||
| app/controllers/users_controller.rb:33:19:33:31 | ...[...] | app/controllers/users_controller.rb:34:31:34:45 | { ... } [captured unsanitized] |
|
||||
| app/controllers/users_controller.rb:33:19:33:31 | ...[...] | app/controllers/users_controller.rb:35:31:35:57 | { ... } [captured unsanitized] |
|
||||
| app/controllers/users_controller.rb:34:31:34:45 | { ... } [captured unsanitized] | app/controllers/users_controller.rb:34:33:34:43 | unsanitized |
|
||||
| app/controllers/users_controller.rb:35:31:35:57 | { ... } [captured unsanitized] | app/controllers/users_controller.rb:35:45:35:55 | unsanitized |
|
||||
| app/controllers/users_controller.rb:35:45:35:55 | unsanitized | app/controllers/users_controller.rb:35:33:35:55 | ... + ... |
|
||||
| app/controllers/users_controller.rb:49:19:49:24 | call to params | app/controllers/users_controller.rb:49:19:49:30 | ...[...] |
|
||||
nodes
|
||||
| app/controllers/users_controller.rb:15:5:15:15 | unsanitized | semmle.label | unsanitized |
|
||||
@@ -19,16 +21,18 @@ nodes
|
||||
| app/controllers/users_controller.rb:15:19:15:30 | ...[...] | semmle.label | ...[...] |
|
||||
| app/controllers/users_controller.rb:16:19:16:29 | unsanitized | semmle.label | unsanitized |
|
||||
| app/controllers/users_controller.rb:17:19:17:41 | ... + ... | semmle.label | ... + ... |
|
||||
| app/controllers/users_controller.rb:23:5:23:16 | unsanitized2 | semmle.label | unsanitized2 |
|
||||
| app/controllers/users_controller.rb:23:20:23:30 | unsanitized | semmle.label | unsanitized |
|
||||
| app/controllers/users_controller.rb:23:20:23:44 | call to sub | semmle.label | call to sub |
|
||||
| app/controllers/users_controller.rb:24:18:26:7 | do ... end [captured unsanitized2] | semmle.label | do ... end [captured unsanitized2] |
|
||||
| app/controllers/users_controller.rb:25:7:25:18 | unsanitized2 | semmle.label | unsanitized2 |
|
||||
| app/controllers/users_controller.rb:27:16:27:39 | ... + ... | semmle.label | ... + ... |
|
||||
| app/controllers/users_controller.rb:33:5:33:15 | unsanitized | semmle.label | unsanitized |
|
||||
| app/controllers/users_controller.rb:33:19:33:25 | call to cookies | semmle.label | call to cookies |
|
||||
| app/controllers/users_controller.rb:33:19:33:31 | ...[...] | semmle.label | ...[...] |
|
||||
| app/controllers/users_controller.rb:34:31:34:45 | { ... } [captured unsanitized] | semmle.label | { ... } [captured unsanitized] |
|
||||
| app/controllers/users_controller.rb:34:33:34:43 | unsanitized | semmle.label | unsanitized |
|
||||
| app/controllers/users_controller.rb:35:31:35:57 | { ... } [captured unsanitized] | semmle.label | { ... } [captured unsanitized] |
|
||||
| app/controllers/users_controller.rb:35:33:35:55 | ... + ... | semmle.label | ... + ... |
|
||||
| app/controllers/users_controller.rb:35:45:35:55 | unsanitized | semmle.label | unsanitized |
|
||||
| app/controllers/users_controller.rb:49:19:49:24 | call to params | semmle.label | call to params |
|
||||
| app/controllers/users_controller.rb:49:19:49:30 | ...[...] | semmle.label | ...[...] |
|
||||
subpaths
|
||||
|
||||
Reference in New Issue
Block a user