Ruby: Reimplement flow through captured variables using field flow

2026-04-28 18:25:24 +02:00 · 2023-08-10 20:16:50 +02:00
parent 5d1c399371
commit 48e2dcfa35
24 changed files with 815 additions and 441 deletions
--- a/ruby/ql/test/library-tests/dataflow/array-flow/array-flow.expected
+++ b/ruby/ql/test/library-tests/dataflow/array-flow/array-flow.expected
@@ -450,10 +450,10 @@ edges
 | array_flow.rb:403:5:403:5 | a [element 2] | array_flow.rb:404:18:404:18 | a [element 2] |
 | array_flow.rb:403:16:403:25 | call to source | array_flow.rb:403:5:403:5 | a [element 2] |
 | array_flow.rb:404:5:404:5 | b [element 2] | array_flow.rb:408:10:408:10 | b [element 2] |
-| array_flow.rb:404:9:406:7 | __synth__0__1 | array_flow.rb:404:13:404:13 | x |
-| array_flow.rb:404:13:404:13 | x | array_flow.rb:405:14:405:14 | x |
-| array_flow.rb:404:13:404:13 | x | array_flow.rb:407:10:407:10 | x |
+| array_flow.rb:404:9:406:7 | [post] { ... } [captured x] | array_flow.rb:407:10:407:10 | x |
+| array_flow.rb:404:9:406:7 | __synth__0__1 | array_flow.rb:405:14:405:14 | x |
 | array_flow.rb:404:18:404:18 | a [element 2] | array_flow.rb:404:5:404:5 | b [element 2] |
+| array_flow.rb:404:18:404:18 | a [element 2] | array_flow.rb:404:9:406:7 | [post] { ... } [captured x] |
 | array_flow.rb:404:18:404:18 | a [element 2] | array_flow.rb:404:9:406:7 | __synth__0__1 |
 | array_flow.rb:408:10:408:10 | b [element 2] | array_flow.rb:408:10:408:13 | ...[...] |
 | array_flow.rb:412:5:412:5 | a [element 2] | array_flow.rb:413:5:413:5 | a [element 2] |
@@ -2609,8 +2609,8 @@ nodes
 | array_flow.rb:403:5:403:5 | a [element 2] | semmle.label | a [element 2] |
 | array_flow.rb:403:16:403:25 | call to source | semmle.label | call to source |
 | array_flow.rb:404:5:404:5 | b [element 2] | semmle.label | b [element 2] |
+| array_flow.rb:404:9:406:7 | [post] { ... } [captured x] | semmle.label | [post] { ... } [captured x] |
 | array_flow.rb:404:9:406:7 | __synth__0__1 | semmle.label | __synth__0__1 |
-| array_flow.rb:404:13:404:13 | x | semmle.label | x |
 | array_flow.rb:404:18:404:18 | a [element 2] | semmle.label | a [element 2] |
 | array_flow.rb:405:14:405:14 | x | semmle.label | x |
 | array_flow.rb:407:10:407:10 | x | semmle.label | x |
--- a/ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.expected
+++ b/ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.expected
@@ -32,7 +32,8 @@ edges
 | call_sensitivity.rb:66:20:66:20 | x | call_sensitivity.rb:67:24:67:24 | x |
 | call_sensitivity.rb:67:24:67:24 | x | call_sensitivity.rb:62:18:62:18 | y |
 | call_sensitivity.rb:70:30:70:30 | x | call_sensitivity.rb:71:10:71:10 | x |
-| call_sensitivity.rb:74:18:74:18 | y | call_sensitivity.rb:76:17:76:17 | y |
+| call_sensitivity.rb:74:18:74:18 | y | call_sensitivity.rb:75:20:77:7 | do ... end [captured y] |
+| call_sensitivity.rb:75:20:77:7 | do ... end [captured y] | call_sensitivity.rb:76:17:76:17 | y |
 | call_sensitivity.rb:76:17:76:17 | y | call_sensitivity.rb:50:15:50:15 | x |
 | call_sensitivity.rb:80:15:80:15 | x | call_sensitivity.rb:81:18:81:18 | x |
 | call_sensitivity.rb:81:18:81:18 | x | call_sensitivity.rb:50:15:50:15 | x |
@@ -121,6 +122,7 @@ nodes
 | call_sensitivity.rb:70:30:70:30 | x | semmle.label | x |
 | call_sensitivity.rb:71:10:71:10 | x | semmle.label | x |
 | call_sensitivity.rb:74:18:74:18 | y | semmle.label | y |
+| call_sensitivity.rb:75:20:77:7 | do ... end [captured y] | semmle.label | do ... end [captured y] |
 | call_sensitivity.rb:76:17:76:17 | y | semmle.label | y |
 | call_sensitivity.rb:80:15:80:15 | x | semmle.label | x |
 | call_sensitivity.rb:81:18:81:18 | x | semmle.label | x |
--- a/ruby/ql/test/library-tests/dataflow/global/Flow.expected
+++ b/ruby/ql/test/library-tests/dataflow/global/Flow.expected
@@ -1,49 +1,115 @@
 testFailures
 edges
-| captured_variables.rb:9:24:9:24 | x | captured_variables.rb:10:20:10:20 | x |
+| captured_variables.rb:9:24:9:24 | x | captured_variables.rb:10:10:10:23 | -> { ... } [captured x] |
+| captured_variables.rb:9:24:9:24 | x | captured_variables.rb:11:5:11:6 | fn [captured x] |
+| captured_variables.rb:10:5:10:6 | fn [captured x] | captured_variables.rb:11:5:11:6 | fn [captured x] |
+| captured_variables.rb:10:10:10:23 | -> { ... } [captured x] | captured_variables.rb:10:5:10:6 | fn [captured x] |
+| captured_variables.rb:11:5:11:6 | fn [captured x] | captured_variables.rb:10:20:10:20 | x |
 | captured_variables.rb:13:20:13:29 | call to taint | captured_variables.rb:9:24:9:24 | x |
-| captured_variables.rb:29:33:29:33 | x | captured_variables.rb:31:14:31:14 | x |
+| captured_variables.rb:15:28:15:28 | x | captured_variables.rb:16:5:18:5 | -> { ... } [captured x] |
+| captured_variables.rb:20:1:20:35 | ( ... ) [captured x] | captured_variables.rb:17:14:17:14 | x |
+| captured_variables.rb:20:2:20:34 | call to capture_escape_return1 [captured x] | captured_variables.rb:20:1:20:35 | ( ... ) [captured x] |
+| captured_variables.rb:20:25:20:34 | call to taint | captured_variables.rb:15:28:15:28 | x |
+| captured_variables.rb:20:25:20:34 | call to taint | captured_variables.rb:20:2:20:34 | call to capture_escape_return1 [captured x] |
+| captured_variables.rb:22:28:22:28 | x | captured_variables.rb:23:5:25:5 | -> { ... } [captured x] |
+| captured_variables.rb:27:25:27:57 | call to capture_escape_return2 [captured x] | captured_variables.rb:24:14:24:14 | x |
+| captured_variables.rb:27:48:27:57 | call to taint | captured_variables.rb:22:28:22:28 | x |
+| captured_variables.rb:27:48:27:57 | call to taint | captured_variables.rb:27:25:27:57 | call to capture_escape_return2 [captured x] |
+| captured_variables.rb:29:33:29:33 | x | captured_variables.rb:30:10:32:5 | -> { ... } [captured x] |
+| captured_variables.rb:29:33:29:33 | x | captured_variables.rb:33:29:33:30 | fn [captured x] |
+| captured_variables.rb:30:5:30:6 | fn [captured x] | captured_variables.rb:33:29:33:30 | fn [captured x] |
+| captured_variables.rb:30:10:32:5 | -> { ... } [captured x] | captured_variables.rb:30:5:30:6 | fn [captured x] |
+| captured_variables.rb:33:29:33:30 | fn [captured x] | captured_variables.rb:31:14:31:14 | x |
 | captured_variables.rb:35:29:35:38 | call to taint | captured_variables.rb:29:33:29:33 | x |
-| captured_variables.rb:40:31:40:31 | x | captured_variables.rb:42:14:42:14 | x |
+| captured_variables.rb:37:13:37:14 | fn [captured x] | captured_variables.rb:38:5:38:6 | fn [captured x] |
+| captured_variables.rb:38:5:38:6 | fn [captured x] | captured_variables.rb:42:14:42:14 | x |
+| captured_variables.rb:40:31:40:31 | x | captured_variables.rb:41:10:43:5 | -> { ... } [captured x] |
+| captured_variables.rb:40:31:40:31 | x | captured_variables.rb:44:13:44:14 | fn [captured x] |
+| captured_variables.rb:41:5:41:6 | fn [captured x] | captured_variables.rb:44:13:44:14 | fn [captured x] |
+| captured_variables.rb:41:10:43:5 | -> { ... } [captured x] | captured_variables.rb:41:5:41:6 | fn [captured x] |
+| captured_variables.rb:44:13:44:14 | fn [captured x] | captured_variables.rb:37:13:37:14 | fn [captured x] |
 | captured_variables.rb:46:27:46:36 | call to taint | captured_variables.rb:40:31:40:31 | x |
-| captured_variables.rb:48:1:48:1 | x | captured_variables.rb:50:10:50:10 | x |
-| captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:48:1:48:1 | x |
-| captured_variables.rb:51:5:51:5 | x | captured_variables.rb:54:6:54:6 | x |
-| captured_variables.rb:51:9:51:16 | call to taint | captured_variables.rb:51:5:51:5 | x |
+| captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:49:16:52:3 | do ... end [captured x] |
+| captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:54:6:54:6 | x |
+| captured_variables.rb:49:16:52:3 | [post] do ... end [captured x] | captured_variables.rb:54:6:54:6 | x |
+| captured_variables.rb:49:16:52:3 | do ... end [captured x] | captured_variables.rb:50:10:50:10 | x |
+| captured_variables.rb:51:9:51:16 | call to taint | captured_variables.rb:49:16:52:3 | [post] do ... end [captured x] |
 | captured_variables.rb:57:19:57:19 | x | captured_variables.rb:58:18:58:18 | x |
 | captured_variables.rb:58:18:58:18 | x | captured_variables.rb:58:9:58:14 | [post] self [@field] |
 | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:16:61:21 | self [@field] |
 | captured_variables.rb:61:16:61:21 | @field | captured_variables.rb:61:9:61:21 | return |
 | captured_variables.rb:61:16:61:21 | self [@field] | captured_variables.rb:61:16:61:21 | @field |
+| captured_variables.rb:66:1:66:3 | [post] foo [@field] | captured_variables.rb:67:16:70:3 | do ... end [captured foo, @field] |
 | captured_variables.rb:66:1:66:3 | [post] foo [@field] | captured_variables.rb:72:6:72:8 | foo [@field] |
 | captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:57:19:57:19 | x |
 | captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:66:1:66:3 | [post] foo [@field] |
 | captured_variables.rb:66:15:66:22 | call to taint | instance_variables.rb:10:19:10:19 | x |
+| captured_variables.rb:67:16:70:3 | [post] do ... end [captured foo, @field] | captured_variables.rb:72:6:72:8 | foo [@field] |
+| captured_variables.rb:67:16:70:3 | do ... end [captured foo, @field] | captured_variables.rb:68:10:68:12 | foo [@field] |
+| captured_variables.rb:68:10:68:12 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] |
+| captured_variables.rb:68:10:68:12 | foo [@field] | captured_variables.rb:68:10:68:22 | call to get_field |
+| captured_variables.rb:68:10:68:12 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
+| captured_variables.rb:69:5:69:7 | [post] foo [@field] | captured_variables.rb:67:16:70:3 | [post] do ... end [captured foo, @field] |
+| captured_variables.rb:69:19:69:26 | call to taint | captured_variables.rb:57:19:57:19 | x |
+| captured_variables.rb:69:19:69:26 | call to taint | captured_variables.rb:69:5:69:7 | [post] foo [@field] |
+| captured_variables.rb:69:19:69:26 | call to taint | instance_variables.rb:10:19:10:19 | x |
 | captured_variables.rb:72:6:72:8 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] |
 | captured_variables.rb:72:6:72:8 | foo [@field] | captured_variables.rb:72:6:72:18 | call to get_field |
 | captured_variables.rb:72:6:72:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
-| captured_variables.rb:85:1:85:1 | y | captured_variables.rb:87:10:87:10 | y |
-| captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:85:1:85:1 | y |
-| captured_variables.rb:88:5:88:5 | y | captured_variables.rb:87:10:87:10 | y |
-| captured_variables.rb:88:5:88:5 | y | captured_variables.rb:91:6:91:6 | y |
-| captured_variables.rb:88:9:88:16 | call to taint | captured_variables.rb:88:5:88:5 | y |
+| captured_variables.rb:78:20:80:7 | [post] do ... end [captured foo, @field] | captured_variables.rb:83:6:83:8 | foo [@field] |
+| captured_variables.rb:79:9:79:11 | [post] foo [@field] | captured_variables.rb:78:20:80:7 | [post] do ... end [captured foo, @field] |
+| captured_variables.rb:79:23:79:30 | call to taint | captured_variables.rb:57:19:57:19 | x |
+| captured_variables.rb:79:23:79:30 | call to taint | captured_variables.rb:79:9:79:11 | [post] foo [@field] |
+| captured_variables.rb:79:23:79:30 | call to taint | instance_variables.rb:10:19:10:19 | x |
+| captured_variables.rb:83:6:83:8 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] |
+| captured_variables.rb:83:6:83:8 | foo [@field] | captured_variables.rb:83:6:83:18 | call to get_field |
+| captured_variables.rb:83:6:83:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
+| captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:86:6:89:1 | -> { ... } [captured y] |
+| captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:90:1:90:2 | fn [captured y] |
+| captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:91:6:91:6 | y |
+| captured_variables.rb:86:1:86:2 | fn [captured y] | captured_variables.rb:90:1:90:2 | fn [captured y] |
+| captured_variables.rb:86:6:89:1 | -> { ... } [captured y] | captured_variables.rb:86:1:86:2 | fn [captured y] |
+| captured_variables.rb:88:9:88:16 | call to taint | captured_variables.rb:90:1:90:2 | [post] fn [captured y] |
+| captured_variables.rb:90:1:90:2 | [post] fn [captured y] | captured_variables.rb:91:6:91:6 | y |
+| captured_variables.rb:90:1:90:2 | fn [captured y] | captured_variables.rb:87:10:87:10 | y |
+| captured_variables.rb:93:17:93:17 | x | captured_variables.rb:94:5:96:5 | -> { ... } [captured x] |
+| captured_variables.rb:98:1:98:21 | call to capture_arg [captured x] | captured_variables.rb:95:14:95:14 | x |
+| captured_variables.rb:98:13:98:20 | call to taint | captured_variables.rb:93:17:93:17 | x |
+| captured_variables.rb:98:13:98:20 | call to taint | captured_variables.rb:98:1:98:21 | call to capture_arg [captured x] |
 | captured_variables.rb:100:21:100:21 | x | captured_variables.rb:101:11:101:11 | x |
 | captured_variables.rb:101:11:101:11 | x | captured_variables.rb:104:31:104:31 | x |
 | captured_variables.rb:104:17:104:24 | call to taint | captured_variables.rb:100:21:100:21 | x |
 | captured_variables.rb:104:31:104:31 | x | captured_variables.rb:105:10:105:10 | x |
-| captured_variables.rb:109:5:109:5 | x | captured_variables.rb:112:18:112:18 | x |
-| captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:109:5:109:5 | x |
-| captured_variables.rb:113:13:113:13 | x | captured_variables.rb:112:18:112:18 | x |
-| captured_variables.rb:113:13:113:13 | x | captured_variables.rb:118:10:118:10 | x |
-| captured_variables.rb:113:17:113:25 | call to taint | captured_variables.rb:113:13:113:13 | x |
+| captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:110:14:116:5 | -> { ... } [captured x] |
+| captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:117:5:117:10 | middle [captured x] |
+| captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:118:10:118:10 | x |
+| captured_variables.rb:110:5:110:10 | middle [captured x] | captured_variables.rb:117:5:117:10 | middle [captured x] |
+| captured_variables.rb:110:14:116:5 | -> { ... } [captured x] | captured_variables.rb:110:5:110:10 | middle [captured x] |
+| captured_variables.rb:111:9:111:13 | inner [captured x] | captured_variables.rb:115:9:115:13 | inner [captured x] |
+| captured_variables.rb:111:17:114:9 | -> { ... } [captured x] | captured_variables.rb:111:9:111:13 | inner [captured x] |
+| captured_variables.rb:113:17:113:25 | call to taint | captured_variables.rb:115:9:115:13 | [post] inner [captured x] |
+| captured_variables.rb:115:9:115:13 | [post] inner [captured x] | captured_variables.rb:117:5:117:10 | [post] middle [captured x] |
+| captured_variables.rb:115:9:115:13 | inner [captured x] | captured_variables.rb:112:18:112:18 | x |
+| captured_variables.rb:117:5:117:10 | [post] middle [captured x] | captured_variables.rb:118:10:118:10 | x |
+| captured_variables.rb:117:5:117:10 | middle [captured x] | captured_variables.rb:111:17:114:9 | -> { ... } [captured x] |
+| captured_variables.rb:117:5:117:10 | middle [captured x] | captured_variables.rb:115:9:115:13 | inner [captured x] |
+| captured_variables.rb:147:5:147:6 | [post] self [@x] | captured_variables.rb:153:14:155:7 | do ... end [captured self, @x] |
+| captured_variables.rb:147:10:147:18 | call to taint | captured_variables.rb:147:5:147:6 | [post] self [@x] |
+| captured_variables.rb:149:5:151:7 | &block [captured self, @x] | captured_variables.rb:154:14:154:15 | self [@x] |
+| captured_variables.rb:153:14:155:7 | do ... end [captured self, @x] | captured_variables.rb:149:5:151:7 | &block [captured self, @x] |
+| captured_variables.rb:154:14:154:15 | self [@x] | captured_variables.rb:154:14:154:15 | @x |
 | captured_variables.rb:160:9:160:10 | [post] self [@x] | captured_variables.rb:174:1:174:24 | call to new [@x] |
 | captured_variables.rb:160:14:160:22 | call to taint | captured_variables.rb:160:9:160:10 | [post] self [@x] |
-| captured_variables.rb:167:5:171:7 | self in baz [@x] | captured_variables.rb:169:18:169:19 | self [@x] |
+| captured_variables.rb:163:5:165:7 | &block [captured self, @x] | captured_variables.rb:169:18:169:19 | self [@x] |
+| captured_variables.rb:167:5:171:7 | self in baz [@x] | captured_variables.rb:168:18:170:11 | do ... end [captured self, @x] |
+| captured_variables.rb:168:18:170:11 | do ... end [captured self, @x] | captured_variables.rb:163:5:165:7 | &block [captured self, @x] |
 | captured_variables.rb:169:18:169:19 | self [@x] | captured_variables.rb:169:18:169:19 | @x |
 | captured_variables.rb:174:1:174:24 | call to new [@x] | captured_variables.rb:167:5:171:7 | self in baz [@x] |
 | captured_variables.rb:178:9:178:10 | [post] self [@x] | captured_variables.rb:193:1:193:1 | [post] c [@x] |
 | captured_variables.rb:178:14:178:22 | call to taint | captured_variables.rb:178:9:178:10 | [post] self [@x] |
-| captured_variables.rb:185:5:189:7 | self in baz [@x] | captured_variables.rb:187:18:187:19 | self [@x] |
+| captured_variables.rb:181:5:183:7 | &block [captured self, @x] | captured_variables.rb:187:18:187:19 | self [@x] |
+| captured_variables.rb:185:5:189:7 | self in baz [@x] | captured_variables.rb:186:18:188:11 | do ... end [captured self, @x] |
+| captured_variables.rb:186:18:188:11 | do ... end [captured self, @x] | captured_variables.rb:181:5:183:7 | &block [captured self, @x] |
 | captured_variables.rb:187:18:187:19 | self [@x] | captured_variables.rb:187:18:187:19 | @x |
 | captured_variables.rb:193:1:193:1 | [post] c [@x] | captured_variables.rb:194:1:194:1 | c [@x] |
 | captured_variables.rb:194:1:194:1 | c [@x] | captured_variables.rb:185:5:189:7 | self in baz [@x] |
@@ -188,18 +254,40 @@ edges
 | instance_variables.rb:121:7:121:24 | call to new | instance_variables.rb:121:1:121:3 | bar |
 nodes
 | captured_variables.rb:9:24:9:24 | x | semmle.label | x |
+| captured_variables.rb:10:5:10:6 | fn [captured x] | semmle.label | fn [captured x] |
+| captured_variables.rb:10:10:10:23 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
 | captured_variables.rb:10:20:10:20 | x | semmle.label | x |
+| captured_variables.rb:11:5:11:6 | fn [captured x] | semmle.label | fn [captured x] |
 | captured_variables.rb:13:20:13:29 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:15:28:15:28 | x | semmle.label | x |
+| captured_variables.rb:16:5:18:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
+| captured_variables.rb:17:14:17:14 | x | semmle.label | x |
+| captured_variables.rb:20:1:20:35 | ( ... ) [captured x] | semmle.label | ( ... ) [captured x] |
+| captured_variables.rb:20:2:20:34 | call to capture_escape_return1 [captured x] | semmle.label | call to capture_escape_return1 [captured x] |
+| captured_variables.rb:20:25:20:34 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:22:28:22:28 | x | semmle.label | x |
+| captured_variables.rb:23:5:25:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
+| captured_variables.rb:24:14:24:14 | x | semmle.label | x |
+| captured_variables.rb:27:25:27:57 | call to capture_escape_return2 [captured x] | semmle.label | call to capture_escape_return2 [captured x] |
+| captured_variables.rb:27:48:27:57 | call to taint | semmle.label | call to taint |
 | captured_variables.rb:29:33:29:33 | x | semmle.label | x |
+| captured_variables.rb:30:5:30:6 | fn [captured x] | semmle.label | fn [captured x] |
+| captured_variables.rb:30:10:32:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
 | captured_variables.rb:31:14:31:14 | x | semmle.label | x |
+| captured_variables.rb:33:29:33:30 | fn [captured x] | semmle.label | fn [captured x] |
 | captured_variables.rb:35:29:35:38 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:37:13:37:14 | fn [captured x] | semmle.label | fn [captured x] |
+| captured_variables.rb:38:5:38:6 | fn [captured x] | semmle.label | fn [captured x] |
 | captured_variables.rb:40:31:40:31 | x | semmle.label | x |
+| captured_variables.rb:41:5:41:6 | fn [captured x] | semmle.label | fn [captured x] |
+| captured_variables.rb:41:10:43:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
 | captured_variables.rb:42:14:42:14 | x | semmle.label | x |
+| captured_variables.rb:44:13:44:14 | fn [captured x] | semmle.label | fn [captured x] |
 | captured_variables.rb:46:27:46:36 | call to taint | semmle.label | call to taint |
-| captured_variables.rb:48:1:48:1 | x | semmle.label | x |
 | captured_variables.rb:48:5:48:12 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:49:16:52:3 | [post] do ... end [captured x] | semmle.label | [post] do ... end [captured x] |
+| captured_variables.rb:49:16:52:3 | do ... end [captured x] | semmle.label | do ... end [captured x] |
 | captured_variables.rb:50:10:50:10 | x | semmle.label | x |
-| captured_variables.rb:51:5:51:5 | x | semmle.label | x |
 | captured_variables.rb:51:9:51:16 | call to taint | semmle.label | call to taint |
 | captured_variables.rb:54:6:54:6 | x | semmle.label | x |
 | captured_variables.rb:57:19:57:19 | x | semmle.label | x |
@@ -211,34 +299,68 @@ nodes
 | captured_variables.rb:61:16:61:21 | self [@field] | semmle.label | self [@field] |
 | captured_variables.rb:66:1:66:3 | [post] foo [@field] | semmle.label | [post] foo [@field] |
 | captured_variables.rb:66:15:66:22 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:67:16:70:3 | [post] do ... end [captured foo, @field] | semmle.label | [post] do ... end [captured foo, @field] |
+| captured_variables.rb:67:16:70:3 | do ... end [captured foo, @field] | semmle.label | do ... end [captured foo, @field] |
+| captured_variables.rb:68:10:68:12 | foo [@field] | semmle.label | foo [@field] |
+| captured_variables.rb:68:10:68:22 | call to get_field | semmle.label | call to get_field |
+| captured_variables.rb:69:5:69:7 | [post] foo [@field] | semmle.label | [post] foo [@field] |
+| captured_variables.rb:69:19:69:26 | call to taint | semmle.label | call to taint |
 | captured_variables.rb:72:6:72:8 | foo [@field] | semmle.label | foo [@field] |
 | captured_variables.rb:72:6:72:18 | call to get_field | semmle.label | call to get_field |
-| captured_variables.rb:85:1:85:1 | y | semmle.label | y |
+| captured_variables.rb:78:20:80:7 | [post] do ... end [captured foo, @field] | semmle.label | [post] do ... end [captured foo, @field] |
+| captured_variables.rb:79:9:79:11 | [post] foo [@field] | semmle.label | [post] foo [@field] |
+| captured_variables.rb:79:23:79:30 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:83:6:83:8 | foo [@field] | semmle.label | foo [@field] |
+| captured_variables.rb:83:6:83:18 | call to get_field | semmle.label | call to get_field |
 | captured_variables.rb:85:5:85:12 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:86:1:86:2 | fn [captured y] | semmle.label | fn [captured y] |
+| captured_variables.rb:86:6:89:1 | -> { ... } [captured y] | semmle.label | -> { ... } [captured y] |
 | captured_variables.rb:87:10:87:10 | y | semmle.label | y |
-| captured_variables.rb:88:5:88:5 | y | semmle.label | y |
 | captured_variables.rb:88:9:88:16 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:90:1:90:2 | [post] fn [captured y] | semmle.label | [post] fn [captured y] |
+| captured_variables.rb:90:1:90:2 | fn [captured y] | semmle.label | fn [captured y] |
 | captured_variables.rb:91:6:91:6 | y | semmle.label | y |
+| captured_variables.rb:93:17:93:17 | x | semmle.label | x |
+| captured_variables.rb:94:5:96:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
+| captured_variables.rb:95:14:95:14 | x | semmle.label | x |
+| captured_variables.rb:98:1:98:21 | call to capture_arg [captured x] | semmle.label | call to capture_arg [captured x] |
+| captured_variables.rb:98:13:98:20 | call to taint | semmle.label | call to taint |
 | captured_variables.rb:100:21:100:21 | x | semmle.label | x |
 | captured_variables.rb:101:11:101:11 | x | semmle.label | x |
 | captured_variables.rb:104:17:104:24 | call to taint | semmle.label | call to taint |
 | captured_variables.rb:104:31:104:31 | x | semmle.label | x |
 | captured_variables.rb:105:10:105:10 | x | semmle.label | x |
-| captured_variables.rb:109:5:109:5 | x | semmle.label | x |
 | captured_variables.rb:109:9:109:17 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:110:5:110:10 | middle [captured x] | semmle.label | middle [captured x] |
+| captured_variables.rb:110:14:116:5 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
+| captured_variables.rb:111:9:111:13 | inner [captured x] | semmle.label | inner [captured x] |
+| captured_variables.rb:111:17:114:9 | -> { ... } [captured x] | semmle.label | -> { ... } [captured x] |
 | captured_variables.rb:112:18:112:18 | x | semmle.label | x |
-| captured_variables.rb:113:13:113:13 | x | semmle.label | x |
 | captured_variables.rb:113:17:113:25 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:115:9:115:13 | [post] inner [captured x] | semmle.label | [post] inner [captured x] |
+| captured_variables.rb:115:9:115:13 | inner [captured x] | semmle.label | inner [captured x] |
+| captured_variables.rb:117:5:117:10 | [post] middle [captured x] | semmle.label | [post] middle [captured x] |
+| captured_variables.rb:117:5:117:10 | middle [captured x] | semmle.label | middle [captured x] |
 | captured_variables.rb:118:10:118:10 | x | semmle.label | x |
+| captured_variables.rb:147:5:147:6 | [post] self [@x] | semmle.label | [post] self [@x] |
+| captured_variables.rb:147:10:147:18 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:149:5:151:7 | &block [captured self, @x] | semmle.label | &block [captured self, @x] |
+| captured_variables.rb:153:14:155:7 | do ... end [captured self, @x] | semmle.label | do ... end [captured self, @x] |
+| captured_variables.rb:154:14:154:15 | @x | semmle.label | @x |
+| captured_variables.rb:154:14:154:15 | self [@x] | semmle.label | self [@x] |
 | captured_variables.rb:160:9:160:10 | [post] self [@x] | semmle.label | [post] self [@x] |
 | captured_variables.rb:160:14:160:22 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:163:5:165:7 | &block [captured self, @x] | semmle.label | &block [captured self, @x] |
 | captured_variables.rb:167:5:171:7 | self in baz [@x] | semmle.label | self in baz [@x] |
+| captured_variables.rb:168:18:170:11 | do ... end [captured self, @x] | semmle.label | do ... end [captured self, @x] |
 | captured_variables.rb:169:18:169:19 | @x | semmle.label | @x |
 | captured_variables.rb:169:18:169:19 | self [@x] | semmle.label | self [@x] |
 | captured_variables.rb:174:1:174:24 | call to new [@x] | semmle.label | call to new [@x] |
 | captured_variables.rb:178:9:178:10 | [post] self [@x] | semmle.label | [post] self [@x] |
 | captured_variables.rb:178:14:178:22 | call to taint | semmle.label | call to taint |
+| captured_variables.rb:181:5:183:7 | &block [captured self, @x] | semmle.label | &block [captured self, @x] |
 | captured_variables.rb:185:5:189:7 | self in baz [@x] | semmle.label | self in baz [@x] |
+| captured_variables.rb:186:18:188:11 | do ... end [captured self, @x] | semmle.label | do ... end [captured self, @x] |
 | captured_variables.rb:187:18:187:19 | @x | semmle.label | @x |
 | captured_variables.rb:187:18:187:19 | self [@x] | semmle.label | self [@x] |
 | captured_variables.rb:193:1:193:1 | [post] c [@x] | semmle.label | [post] c [@x] |
@@ -348,10 +470,21 @@ nodes
 | instance_variables.rb:121:7:121:24 | call to new | semmle.label | call to new |
 | instance_variables.rb:122:6:122:8 | bar | semmle.label | bar |
 subpaths
+| captured_variables.rb:20:25:20:34 | call to taint | captured_variables.rb:15:28:15:28 | x | captured_variables.rb:16:5:18:5 | -> { ... } [captured x] | captured_variables.rb:20:2:20:34 | call to capture_escape_return1 [captured x] |
+| captured_variables.rb:27:48:27:57 | call to taint | captured_variables.rb:22:28:22:28 | x | captured_variables.rb:23:5:25:5 | -> { ... } [captured x] | captured_variables.rb:27:25:27:57 | call to capture_escape_return2 [captured x] |
 | captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:57:19:57:19 | x | captured_variables.rb:58:9:58:14 | [post] self [@field] | captured_variables.rb:66:1:66:3 | [post] foo [@field] |
 | captured_variables.rb:66:15:66:22 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | captured_variables.rb:66:1:66:3 | [post] foo [@field] |
+| captured_variables.rb:68:10:68:12 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:9:61:21 | return | captured_variables.rb:68:10:68:22 | call to get_field |
+| captured_variables.rb:68:10:68:12 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | captured_variables.rb:68:10:68:22 | call to get_field |
+| captured_variables.rb:69:19:69:26 | call to taint | captured_variables.rb:57:19:57:19 | x | captured_variables.rb:58:9:58:14 | [post] self [@field] | captured_variables.rb:69:5:69:7 | [post] foo [@field] |
+| captured_variables.rb:69:19:69:26 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | captured_variables.rb:69:5:69:7 | [post] foo [@field] |
 | captured_variables.rb:72:6:72:8 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:9:61:21 | return | captured_variables.rb:72:6:72:18 | call to get_field |
 | captured_variables.rb:72:6:72:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | captured_variables.rb:72:6:72:18 | call to get_field |
+| captured_variables.rb:79:23:79:30 | call to taint | captured_variables.rb:57:19:57:19 | x | captured_variables.rb:58:9:58:14 | [post] self [@field] | captured_variables.rb:79:9:79:11 | [post] foo [@field] |
+| captured_variables.rb:79:23:79:30 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | captured_variables.rb:79:9:79:11 | [post] foo [@field] |
+| captured_variables.rb:83:6:83:8 | foo [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:9:61:21 | return | captured_variables.rb:83:6:83:18 | call to get_field |
+| captured_variables.rb:83:6:83:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | captured_variables.rb:83:6:83:18 | call to get_field |
+| captured_variables.rb:98:13:98:20 | call to taint | captured_variables.rb:93:17:93:17 | x | captured_variables.rb:94:5:96:5 | -> { ... } [captured x] | captured_variables.rb:98:1:98:21 | call to capture_arg [captured x] |
 | instance_variables.rb:28:20:28:24 | field | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:28:9:28:25 | [post] self [@field] |
 | instance_variables.rb:33:13:33:13 | x | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:33:9:33:14 | call to new [@field] |
 | instance_variables.rb:36:10:36:23 | call to new [@field] | captured_variables.rb:60:5:62:7 | self in get_field [@field] | captured_variables.rb:61:9:61:21 | return | instance_variables.rb:36:10:36:33 | call to get_field |
@@ -416,18 +549,26 @@ subpaths
 | instance_variables.rb:120:6:120:10 | foo16 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:120:6:120:20 | call to get_field |
 #select
 | captured_variables.rb:10:20:10:20 | x | captured_variables.rb:13:20:13:29 | call to taint | captured_variables.rb:10:20:10:20 | x | $@ | captured_variables.rb:13:20:13:29 | call to taint | call to taint |
+| captured_variables.rb:17:14:17:14 | x | captured_variables.rb:20:25:20:34 | call to taint | captured_variables.rb:17:14:17:14 | x | $@ | captured_variables.rb:20:25:20:34 | call to taint | call to taint |
+| captured_variables.rb:24:14:24:14 | x | captured_variables.rb:27:48:27:57 | call to taint | captured_variables.rb:24:14:24:14 | x | $@ | captured_variables.rb:27:48:27:57 | call to taint | call to taint |
 | captured_variables.rb:31:14:31:14 | x | captured_variables.rb:35:29:35:38 | call to taint | captured_variables.rb:31:14:31:14 | x | $@ | captured_variables.rb:35:29:35:38 | call to taint | call to taint |
 | captured_variables.rb:42:14:42:14 | x | captured_variables.rb:46:27:46:36 | call to taint | captured_variables.rb:42:14:42:14 | x | $@ | captured_variables.rb:46:27:46:36 | call to taint | call to taint |
 | captured_variables.rb:50:10:50:10 | x | captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:50:10:50:10 | x | $@ | captured_variables.rb:48:5:48:12 | call to taint | call to taint |
+| captured_variables.rb:54:6:54:6 | x | captured_variables.rb:48:5:48:12 | call to taint | captured_variables.rb:54:6:54:6 | x | $@ | captured_variables.rb:48:5:48:12 | call to taint | call to taint |
 | captured_variables.rb:54:6:54:6 | x | captured_variables.rb:51:9:51:16 | call to taint | captured_variables.rb:54:6:54:6 | x | $@ | captured_variables.rb:51:9:51:16 | call to taint | call to taint |
+| captured_variables.rb:68:10:68:22 | call to get_field | captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:68:10:68:22 | call to get_field | $@ | captured_variables.rb:66:15:66:22 | call to taint | call to taint |
 | captured_variables.rb:72:6:72:18 | call to get_field | captured_variables.rb:66:15:66:22 | call to taint | captured_variables.rb:72:6:72:18 | call to get_field | $@ | captured_variables.rb:66:15:66:22 | call to taint | call to taint |
+| captured_variables.rb:72:6:72:18 | call to get_field | captured_variables.rb:69:19:69:26 | call to taint | captured_variables.rb:72:6:72:18 | call to get_field | $@ | captured_variables.rb:69:19:69:26 | call to taint | call to taint |
+| captured_variables.rb:83:6:83:18 | call to get_field | captured_variables.rb:79:23:79:30 | call to taint | captured_variables.rb:83:6:83:18 | call to get_field | $@ | captured_variables.rb:79:23:79:30 | call to taint | call to taint |
 | captured_variables.rb:87:10:87:10 | y | captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:87:10:87:10 | y | $@ | captured_variables.rb:85:5:85:12 | call to taint | call to taint |
-| captured_variables.rb:87:10:87:10 | y | captured_variables.rb:88:9:88:16 | call to taint | captured_variables.rb:87:10:87:10 | y | $@ | captured_variables.rb:88:9:88:16 | call to taint | call to taint |
+| captured_variables.rb:91:6:91:6 | y | captured_variables.rb:85:5:85:12 | call to taint | captured_variables.rb:91:6:91:6 | y | $@ | captured_variables.rb:85:5:85:12 | call to taint | call to taint |
 | captured_variables.rb:91:6:91:6 | y | captured_variables.rb:88:9:88:16 | call to taint | captured_variables.rb:91:6:91:6 | y | $@ | captured_variables.rb:88:9:88:16 | call to taint | call to taint |
+| captured_variables.rb:95:14:95:14 | x | captured_variables.rb:98:13:98:20 | call to taint | captured_variables.rb:95:14:95:14 | x | $@ | captured_variables.rb:98:13:98:20 | call to taint | call to taint |
 | captured_variables.rb:105:10:105:10 | x | captured_variables.rb:104:17:104:24 | call to taint | captured_variables.rb:105:10:105:10 | x | $@ | captured_variables.rb:104:17:104:24 | call to taint | call to taint |
 | captured_variables.rb:112:18:112:18 | x | captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:112:18:112:18 | x | $@ | captured_variables.rb:109:9:109:17 | call to taint | call to taint |
-| captured_variables.rb:112:18:112:18 | x | captured_variables.rb:113:17:113:25 | call to taint | captured_variables.rb:112:18:112:18 | x | $@ | captured_variables.rb:113:17:113:25 | call to taint | call to taint |
+| captured_variables.rb:118:10:118:10 | x | captured_variables.rb:109:9:109:17 | call to taint | captured_variables.rb:118:10:118:10 | x | $@ | captured_variables.rb:109:9:109:17 | call to taint | call to taint |
 | captured_variables.rb:118:10:118:10 | x | captured_variables.rb:113:17:113:25 | call to taint | captured_variables.rb:118:10:118:10 | x | $@ | captured_variables.rb:113:17:113:25 | call to taint | call to taint |
+| captured_variables.rb:154:14:154:15 | @x | captured_variables.rb:147:10:147:18 | call to taint | captured_variables.rb:154:14:154:15 | @x | $@ | captured_variables.rb:147:10:147:18 | call to taint | call to taint |
 | captured_variables.rb:169:18:169:19 | @x | captured_variables.rb:160:14:160:22 | call to taint | captured_variables.rb:169:18:169:19 | @x | $@ | captured_variables.rb:160:14:160:22 | call to taint | call to taint |
 | captured_variables.rb:187:18:187:19 | @x | captured_variables.rb:178:14:178:22 | call to taint | captured_variables.rb:187:18:187:19 | @x | $@ | captured_variables.rb:178:14:178:22 | call to taint | call to taint |
 | instance_variables.rb:20:10:20:13 | @foo | instance_variables.rb:19:12:19:21 | call to taint | instance_variables.rb:20:10:20:13 | @foo | $@ | instance_variables.rb:19:12:19:21 | call to taint | call to taint |
--- a/ruby/ql/test/library-tests/dataflow/global/TypeTrackingInlineTest.expected
+++ b/ruby/ql/test/library-tests/dataflow/global/TypeTrackingInlineTest.expected
@@ -1,13 +1,13 @@
 testFailures
-| captured_variables.rb:17:14:17:14 | x | Fixed missing result:hasValueFlow=1.2 |
-| captured_variables.rb:24:14:24:14 | x | Fixed missing result:hasValueFlow=1.3 |
 | captured_variables.rb:50:10:50:10 | x | Fixed missing result:hasValueFlow=2 |
-| captured_variables.rb:54:6:54:6 | x | Unexpected result: hasValueFlow=1 |
-| captured_variables.rb:72:21:72:75 | # $ MISSING: hasValueFlow=4 $ SPURIOUS: hasValueFlow=3  | Fixed spurious result:hasValueFlow=3 |
-| captured_variables.rb:91:6:91:6 | y | Unexpected result: hasValueFlow=6 |
-| captured_variables.rb:95:14:95:14 | x | Fixed missing result:hasValueFlow=8 |
-| captured_variables.rb:118:10:118:10 | x | Unexpected result: hasValueFlow=10 |
+| captured_variables.rb:68:25:68:68 | # $ hasValueFlow=3 $ MISSING: hasValueFlow=4 | Missing result:hasValueFlow=3 |
+| captured_variables.rb:72:21:72:66 | # $ hasValueFlow=4 $ SPURIOUS: hasValueFlow=3  | Fixed spurious result:hasValueFlow=3 |
+| captured_variables.rb:72:21:72:66 | # $ hasValueFlow=4 $ SPURIOUS: hasValueFlow=3  | Missing result:hasValueFlow=4 |
+| captured_variables.rb:83:21:83:38 | # $ hasValueFlow=5 | Missing result:hasValueFlow=5 |
+| captured_variables.rb:87:10:87:10 | y | Unexpected result: hasValueFlow=7 |
+| captured_variables.rb:112:18:112:18 | x | Unexpected result: hasValueFlow=11 |
 | captured_variables.rb:126:14:126:14 | x | Fixed missing result:hasValueFlow=12 |
+| captured_variables.rb:154:17:154:35 | # $ hasValueFlow=13 | Missing result:hasValueFlow=13 |
 | instance_variables.rb:20:16:20:33 | # $ hasValueFlow=7 | Missing result:hasValueFlow=7 |
 | instance_variables.rb:36:36:36:54 | # $ hasValueFlow=34 | Missing result:hasValueFlow=34 |
 | instance_variables.rb:39:36:39:54 | # $ hasValueFlow=35 | Missing result:hasValueFlow=35 |
--- a/ruby/ql/test/library-tests/dataflow/global/captured_variables.rb
+++ b/ruby/ql/test/library-tests/dataflow/global/captured_variables.rb
@@ -14,14 +14,14 @@ capture_local_call taint(1.1)

 def capture_escape_return1 x
    -> {
-        sink(x) # $ MISSING: hasValueFlow=1.2
+        sink(x) # $ hasValueFlow=1.2
    }
 end
 (capture_escape_return1 taint(1.2)).call

 def capture_escape_return2 x
    -> {
-        sink(x) # $ MISSING: hasValueFlow=1.3
+        sink(x) # $ hasValueFlow=1.3
    }
 end
 Something.unknownMethod(capture_escape_return2 taint(1.3))
@@ -51,7 +51,7 @@ x = taint(1)
    x = taint(2)
 end

-sink x # $ hasValueFlow=2
+sink x # $ hasValueFlow=2 $ SPURIOUS: hasValueFlow=1

 class Foo
    def set_field x
@@ -65,11 +65,11 @@ end
 foo = Foo.new
 foo.set_field(taint(3))
 [1, 2, 3].each do |i|
-    sink(foo.get_field) # $ MISSING: hasValueFlow=3 $ MISSING: hasValueFlow=4
+    sink(foo.get_field) # $ hasValueFlow=3 $ MISSING: hasValueFlow=4
    foo.set_field(taint(4))
 end

-sink(foo.get_field) # $ MISSING: hasValueFlow=4 $ SPURIOUS: hasValueFlow=3 
+sink(foo.get_field) # $ hasValueFlow=4 $ SPURIOUS: hasValueFlow=3 

 foo = Foo.new
 if (rand() < 0) then
@@ -80,19 +80,19 @@ else
    end
 end

-sink(foo.get_field) # $ MISSING: hasValueFlow=5
+sink(foo.get_field) # $ hasValueFlow=5

 y = taint(6)
 fn = -> {
-    sink(y) # $ hasValueFlow=6 $ SPURIOUS: hasValueFlow=7
+    sink(y) # $ hasValueFlow=6
    y = taint(7)
 }
 fn.call
-sink(y) # $ hasValueFlow=7
+sink(y) # $ hasValueFlow=7 $ SPURIOUS: hasValueFlow=6

 def capture_arg x
    -> {
-        sink x # $ MISSING: hasValueFlow=8
+        sink x # $ hasValueFlow=8
    }
 end
 capture_arg(taint(8)).call
@@ -109,13 +109,13 @@ def capture_nested
    x = taint(10)
    middle = -> {
        inner = -> {
-            sink x # $ hasValueFlow=10 $ SPURIOUS: hasValueFlow=11
+            sink x # $ hasValueFlow=10
            x = taint(11)
        }
        inner.call
    }
    middle.call
-    sink x # $ hasValueFlow=11
+    sink x # $ hasValueFlow=11 $ SPURIOUS: hasValueFlow=10
 end
 capture_nested

@@ -151,7 +151,7 @@ module CaptureModuleSelf
    end

    self.foo do
-        sink @x # $ MISSING: hasValueFlow=13
+        sink @x # $ hasValueFlow=13
    end
 end

--- a/ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected
+++ b/ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected
@@ -1,59 +1,57 @@
 testFailures
 edges
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:2:6:2:12 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:2:6:2:12 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:4:24:4:30 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:4:24:4:30 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:16:36:16:42 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:16:36:16:42 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:20:25:20:31 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:26:31:26:37 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:30:24:30:30 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:31:27:31:33 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:34:16:34:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:34:16:34:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:35:16:35:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:35:16:35:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:36:21:36:27 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:36:21:36:27 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:37:36:37:42 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:37:36:37:42 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:51:24:51:30 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:56:22:56:28 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:57:17:57:23 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:59:27:59:33 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:63:32:63:38 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:65:23:65:29 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:122:16:122:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:128:14:128:20 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:131:16:131:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:131:16:131:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:132:21:132:27 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:132:21:132:27 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:135:26:135:32 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:135:26:135:32 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:137:23:137:29 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:137:23:137:29 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:140:19:140:25 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:140:19:140:25 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:141:19:141:25 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:141:19:141:25 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:145:26:145:32 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:145:26:145:32 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:147:16:147:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:147:16:147:22 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:150:39:150:45 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:150:39:150:45 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:154:20:154:26 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:154:20:154:26 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:155:28:155:34 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:155:28:155:34 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:156:27:156:33 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:156:27:156:33 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:158:15:158:21 | tainted |
-| summaries.rb:1:1:1:7 | tainted | summaries.rb:158:15:158:21 | tainted |
-| summaries.rb:1:11:1:36 | call to identity | summaries.rb:1:1:1:7 | tainted |
-| summaries.rb:1:11:1:36 | call to identity | summaries.rb:1:1:1:7 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:2:6:2:12 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:2:6:2:12 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:4:24:4:30 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:4:24:4:30 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:16:36:16:42 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:16:36:16:42 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:20:25:20:31 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:26:31:26:37 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:30:24:30:30 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:31:27:31:33 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:34:16:34:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:34:16:34:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:35:16:35:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:35:16:35:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:36:21:36:27 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:36:21:36:27 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:37:36:37:42 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:37:36:37:42 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:51:24:51:30 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:56:22:56:28 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:57:17:57:23 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:59:27:59:33 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:63:32:63:38 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:65:23:65:29 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:122:16:122:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:128:14:128:20 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:131:16:131:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:131:16:131:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:132:21:132:27 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:132:21:132:27 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:135:26:135:32 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:135:26:135:32 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:137:23:137:29 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:137:23:137:29 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:140:19:140:25 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:140:19:140:25 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:141:19:141:25 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:141:19:141:25 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:145:26:145:32 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:145:26:145:32 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:147:16:147:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:147:16:147:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:150:39:150:45 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:150:39:150:45 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:154:20:154:26 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:154:20:154:26 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:155:28:155:34 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:155:28:155:34 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:156:27:156:33 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:156:27:156:33 | tainted |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:157:14:160:3 | do ... end [captured tainted] |
+| summaries.rb:1:11:1:36 | call to identity | summaries.rb:157:14:160:3 | do ... end [captured tainted] |
 | summaries.rb:1:20:1:36 | call to source | summaries.rb:1:11:1:36 | call to identity |
 | summaries.rb:1:20:1:36 | call to source | summaries.rb:1:11:1:36 | call to identity |
 | summaries.rb:4:1:4:8 | tainted2 | summaries.rb:9:6:9:13 | tainted2 |
@@ -242,6 +240,7 @@ edges
 | summaries.rb:122:16:122:22 | [post] tainted | summaries.rb:154:20:154:26 | tainted |
 | summaries.rb:122:16:122:22 | [post] tainted | summaries.rb:155:28:155:34 | tainted |
 | summaries.rb:122:16:122:22 | [post] tainted | summaries.rb:156:27:156:33 | tainted |
+| summaries.rb:122:16:122:22 | [post] tainted | summaries.rb:157:14:160:3 | do ... end [captured tainted] |
 | summaries.rb:122:16:122:22 | tainted | summaries.rb:122:16:122:22 | [post] tainted |
 | summaries.rb:122:16:122:22 | tainted | summaries.rb:122:25:122:25 | [post] y |
 | summaries.rb:122:16:122:22 | tainted | summaries.rb:122:33:122:33 | [post] z |
@@ -249,9 +248,9 @@ edges
 | summaries.rb:122:33:122:33 | [post] z | summaries.rb:125:6:125:6 | z |
 | summaries.rb:128:1:128:1 | [post] x | summaries.rb:129:6:129:6 | x |
 | summaries.rb:128:14:128:20 | tainted | summaries.rb:128:1:128:1 | [post] x |
+| summaries.rb:157:14:160:3 | do ... end [captured tainted] | summaries.rb:158:15:158:21 | tainted |
+| summaries.rb:157:14:160:3 | do ... end [captured tainted] | summaries.rb:158:15:158:21 | tainted |
 nodes
-| summaries.rb:1:1:1:7 | tainted | semmle.label | tainted |
-| summaries.rb:1:1:1:7 | tainted | semmle.label | tainted |
 | summaries.rb:1:11:1:36 | call to identity | semmle.label | call to identity |
 | summaries.rb:1:11:1:36 | call to identity | semmle.label | call to identity |
 | summaries.rb:1:20:1:36 | call to source | semmle.label | call to source |
@@ -491,6 +490,8 @@ nodes
 | summaries.rb:155:28:155:34 | tainted | semmle.label | tainted |
 | summaries.rb:156:27:156:33 | tainted | semmle.label | tainted |
 | summaries.rb:156:27:156:33 | tainted | semmle.label | tainted |
+| summaries.rb:157:14:160:3 | do ... end [captured tainted] | semmle.label | do ... end [captured tainted] |
+| summaries.rb:157:14:160:3 | do ... end [captured tainted] | semmle.label | do ... end [captured tainted] |
 | summaries.rb:158:15:158:21 | tainted | semmle.label | tainted |
 | summaries.rb:158:15:158:21 | tainted | semmle.label | tainted |
 | summaries.rb:163:20:163:36 | call to source | semmle.label | call to source |
--- a/ruby/ql/test/library-tests/frameworks/sinatra/Sinatra.expected
+++ b/ruby/ql/test/library-tests/frameworks/sinatra/Sinatra.expected
@@ -43,51 +43,43 @@ filterPatterns
 | app.rb:106:3:108:5 | call to before | app.rb:106:10:106:23 | "/protected/*" |
 | app.rb:111:3:113:5 | call to after | app.rb:111:9:111:23 | "/create/:slug" |
 additionalFlowSteps
-| app.rb:85:5:85:9 | [post] self | app.rb:2:22:4:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:10:21:13:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:15:23:18:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:24:26:26:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:37:16:42:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:44:53:46:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:56:32:58:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:60:48:62:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:74:11:77:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:79:11:82:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:89:16:92:5 | <captured entry> self |
-| app.rb:85:5:85:9 | [post] self | app.rb:94:15:96:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:2:22:4:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:10:21:13:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:15:23:18:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:24:26:26:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:37:16:42:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:44:53:46:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:56:32:58:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:60:48:62:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:74:11:77:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:79:11:82:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:89:16:92:5 | <captured entry> self |
-| app.rb:86:5:86:11 | [post] self | app.rb:94:15:96:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:2:22:4:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:10:21:13:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:15:23:18:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:24:26:26:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:37:16:42:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:44:53:46:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:56:32:58:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:60:48:62:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:74:11:77:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:79:11:82:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:89:16:92:5 | <captured entry> self |
-| app.rb:103:5:103:9 | [post] self | app.rb:94:15:96:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:2:22:4:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:10:21:13:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:15:23:18:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:24:26:26:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:37:16:42:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:44:53:46:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:56:32:58:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:60:48:62:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:74:11:77:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:79:11:82:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:89:16:92:5 | <captured entry> self |
-| app.rb:103:13:103:22 | [post] self | app.rb:94:15:96:5 | <captured entry> self |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:2:22:4:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:6:24:8:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:10:21:13:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:15:23:18:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:20:23:22:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:24:26:26:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:28:26:31:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:33:25:35:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:37:16:42:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:44:53:46:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:48:14:50:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:52:37:54:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:56:32:58:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:60:48:62:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:66:41:68:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:70:20:72:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:74:11:77:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:79:11:82:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:89:16:92:5 | lambda self in do ... end |
+| app.rb:84:10:87:5 | [post] do ... end | app.rb:94:15:96:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:2:22:4:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:6:24:8:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:10:21:13:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:15:23:18:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:20:23:22:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:24:26:26:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:28:26:31:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:33:25:35:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:37:16:42:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:44:53:46:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:48:14:50:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:52:37:54:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:56:32:58:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:60:48:62:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:66:41:68:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:70:20:72:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:74:11:77:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:79:11:82:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:89:16:92:5 | lambda self in do ... end |
+| app.rb:102:10:104:5 | [post] do ... end | app.rb:94:15:96:5 | lambda self in do ... end |