Ruby: Add post-update nodes for compound arguments
@@ -1,4 +1,5 @@
|
||||
import codeql.ruby.AST
|
||||
import codeql.ruby.CFG
|
||||
import codeql.ruby.DataFlow::DataFlow
|
||||
import codeql.ruby.dataflow.internal.DataFlowPrivate
|
||||
import codeql.ruby.dataflow.internal.DataFlowImplConsistency::Consistency
|
||||
@@ -13,6 +14,22 @@ private class MyConsistencyConfiguration extends ConsistencyConfiguration {
|
||||
or
|
||||
n instanceof SynthHashSplatArgumentNode
|
||||
or
|
||||
not isNonConstantExpr(n.asExpr())
|
||||
not isNonConstantExpr(getAPostUpdateNodeForArg(n.asExpr()))
|
||||
}
|
||||
|
||||
override predicate postHasUniquePreExclude(PostUpdateNode n) {
|
||||
exists(CfgNodes::ExprCfgNode e, CfgNodes::ExprCfgNode arg |
|
||||
e = getAPostUpdateNodeForArg(arg) and
|
||||
e != arg and
|
||||
n = TExprPostUpdateNode(e)
|
||||
)
|
||||
}
|
||||
|
||||
override predicate uniquePostUpdateExclude(Node n) {
|
||||
exists(CfgNodes::ExprCfgNode e, CfgNodes::ExprCfgNode arg |
|
||||
e = getAPostUpdateNodeForArg(arg) and
|
||||
e != arg and
|
||||
n.asExpr() = arg
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
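Review bot: The two new overrides, `postHasUniquePreExclude` and `uniquePostUpdateExclude`, switch the consistency check off entirely for leaves of compound arguments instead of asserting the shape the design expects, so a leaf that ended up with zero or three pre-update nodes would no longer be reported. If the intended invariant is exactly two pre-update nodes (the compound argument and the leaf itself), that could be checked in a Ruby-specific query predicate next to this configuration; this is inferred from the comment in `ExprPostUpdateNode.getPreUpdateNode()` elsewhere in the commit, so please confirm. Both overrides also repeat `e = getAPostUpdateNodeForArg(arg) and e != arg` without saying why, and a one-line comment such as `// leaves of compound arguments deliberately have the argument as an extra pre-update node` above each would make the exclusion self-explanatory. The enclosing class starts before this hunk.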
@@ -32,6 +32,12 @@ module Consistency {
|
||||
|
||||
/** Holds if `n` should be excluded from the consistency test `reverseRead`. */
|
||||
predicate reverseReadExclude(Node n) { none() }
|
||||
|
||||
/** Holds if `n` should be excluded from the consistency test `postHasUniquePre`. */
|
||||
predicate postHasUniquePreExclude(PostUpdateNode n) { none() }
|
||||
|
||||
/** Holds if `n` should be excluded from the consistency test `uniquePostUpdate`. */
|
||||
predicate uniquePostUpdateExclude(Node n) { none() }
|
||||
}
|
||||
|
||||
private class RelevantNode extends Node {
|
||||
@@ -166,6 +172,7 @@ module Consistency {
|
||||
}
|
||||
|
||||
query predicate postHasUniquePre(PostUpdateNode n, string msg) {
|
||||
not any(ConsistencyConfiguration conf).postHasUniquePreExclude(n) and
|
||||
exists(int c |
|
||||
c = count(n.getPreUpdateNode()) and
|
||||
c != 1 and
|
||||
@@ -174,6 +181,7 @@ module Consistency {
|
||||
}
|
||||
|
||||
query predicate uniquePostUpdate(Node n, string msg) {
|
||||
not any(ConsistencyConfiguration conf).uniquePostUpdateExclude(n) and
|
||||
1 < strictcount(PostUpdateNode post | post.getPreUpdateNode() = n) and
|
||||
msg = "Node has multiple PostUpdateNodes."
|
||||
}
|
||||
|
||||
@@ -43,6 +43,32 @@ private class ExprNodeImpl extends ExprNode, NodeImpl {
|
||||
override string toStringImpl() { result = this.getExprNode().toString() }
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets a node that may execute last in `n`, and which, when it executes last,
|
||||
* will be the value of `n`.
|
||||
*/
|
||||
private CfgNodes::ExprCfgNode getALastEvalNode(CfgNodes::ExprCfgNode n) {
|
||||
result = n.(CfgNodes::ExprNodes::StmtSequenceCfgNode).getLastStmt()
|
||||
or
|
||||
result = n.(CfgNodes::ExprNodes::ConditionalExprCfgNode).getBranch(_)
|
||||
or
|
||||
exists(CfgNodes::AstCfgNode branch |
|
||||
branch = n.(CfgNodes::ExprNodes::CaseExprCfgNode).getBranch(_)
|
||||
|
|
||||
result = branch.(CfgNodes::ExprNodes::InClauseCfgNode).getBody()
|
||||
or
|
||||
result = branch.(CfgNodes::ExprNodes::WhenClauseCfgNode).getBody()
|
||||
or
|
||||
result = branch
|
||||
)
|
||||
}
|
||||
|
||||
/** Gets a node for which to construct a post-update node for argument `arg`. */
|
||||
CfgNodes::ExprCfgNode getAPostUpdateNodeForArg(Argument arg) {
|
||||
result = getALastEvalNode*(arg) and
|
||||
not exists(getALastEvalNode(result))
|
||||
}
|
||||
|
||||
/** Provides predicates related to local data flow. */
|
||||
module LocalFlow {
|
||||
private import codeql.ruby.dataflow.internal.SsaImpl
|
||||
@@ -135,19 +161,7 @@ module LocalFlow {
|
||||
or
|
||||
nodeFrom.asExpr() = nodeTo.asExpr().(CfgNodes::ExprNodes::BlockArgumentCfgNode).getValue()
|
||||
or
|
||||
nodeFrom.asExpr() = nodeTo.asExpr().(CfgNodes::ExprNodes::StmtSequenceCfgNode).getLastStmt()
|
||||
or
|
||||
nodeFrom.asExpr() = nodeTo.asExpr().(CfgNodes::ExprNodes::ConditionalExprCfgNode).getBranch(_)
|
||||
or
|
||||
exists(CfgNodes::AstCfgNode branch |
|
||||
branch = nodeTo.asExpr().(CfgNodes::ExprNodes::CaseExprCfgNode).getBranch(_)
|
||||
|
|
||||
nodeFrom.asExpr() = branch.(CfgNodes::ExprNodes::InClauseCfgNode).getBody()
|
||||
or
|
||||
nodeFrom.asExpr() = branch.(CfgNodes::ExprNodes::WhenClauseCfgNode).getBody()
|
||||
or
|
||||
nodeFrom.asExpr() = branch
|
||||
)
|
||||
nodeFrom.asExpr() = getALastEvalNode(nodeTo.asExpr())
|
||||
or
|
||||
exists(CfgNodes::ExprCfgNode exprTo, ReturningStatementNode n |
|
||||
nodeFrom = n and
|
||||
@@ -241,7 +255,8 @@ private module Cached {
|
||||
// filter out nodes that clearly don't need post-update nodes
|
||||
isNonConstantExpr(n) and
|
||||
(
|
||||
n instanceof Argument or
|
||||
n = getAPostUpdateNodeForArg(_)
|
||||
or
|
||||
n = any(CfgNodes::ExprNodes::InstanceVariableAccessCfgNode v).getReceiver()
|
||||
)
|
||||
} or
|
||||
@@ -1127,7 +1142,18 @@ private module PostUpdateNodes {
|
||||
|
||||
ExprPostUpdateNode() { this = TExprPostUpdateNode(e) }
|
||||
|
||||
override ExprNode getPreUpdateNode() { e = result.getExprNode() }
|
||||
override ExprNode getPreUpdateNode() {
|
||||
// For compund arguments, such as `m(if b then x else y)`, we want the leaf nodes
|
||||
// `[post] x` and `[post] y` to have two pre-update nodes: (1) the compund argument,
|
||||
// `if b then x else y`; and the (2) the underlying expressions; `x` and `y`,
|
||||
// respectively.
|
||||
//
|
||||
// This ensures that we get flow out of the call into both leafs (1), while still
|
||||
// maintaining the invariant that the underlying expression is a pre-update node (2).
|
||||
e = getAPostUpdateNodeForArg(result.getExprNode())
|
||||
or
|
||||
e = result.getExprNode()
|
||||
}
|
||||
|
||||
override CfgScope getCfgScope() { result = e.getExpr().getCfgScope() }
|
||||
|
||||
|
||||
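Review bot: The QLDoc on `getAPostUpdateNodeForArg` does not say what it returns in the two cases that matter. Because of the reflexive `getALastEvalNode*(arg)`, a simple argument yields itself, while a compound argument yields only its last-evaluated leaves and, judging from the `TExprPostUpdateNode` hunk, no longer gets a post-update node of its own. I would extend the QLDoc to state both cases, since the consistency overrides and `getPreUpdateNode` rely on `e != arg` meaning "compound argument". The comment added in `getPreUpdateNode` also has typos worth fixing: `compund` (twice) should be `compound`, `and the (2) the` should be `and (2) the`, and `leafs` should be `leaves`. The `Cached` and `PostUpdateNodes` hunks show only part of their enclosing definitions.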
@@ -1,12 +1,4 @@
|
||||
failures
|
||||
| instance_variables.rb:49:22:49:40 | # $ hasValueFlow=24 | Missing result:hasValueFlow=24 |
|
||||
| instance_variables.rb:54:22:54:40 | # $ hasValueFlow=24 | Missing result:hasValueFlow=24 |
|
||||
| instance_variables.rb:55:22:55:40 | # $ hasValueFlow=25 | Missing result:hasValueFlow=25 |
|
||||
| instance_variables.rb:60:22:60:40 | # $ hasValueFlow=26 | Missing result:hasValueFlow=26 |
|
||||
| instance_variables.rb:61:22:61:40 | # $ hasValueFlow=26 | Missing result:hasValueFlow=26 |
|
||||
| instance_variables.rb:66:22:66:40 | # $ hasValueFlow=27 | Missing result:hasValueFlow=27 |
|
||||
| instance_variables.rb:67:23:67:41 | # $ hasValueFlow=27 | Missing result:hasValueFlow=27 |
|
||||
| instance_variables.rb:79:23:79:41 | # $ hasValueFlow=28 | Missing result:hasValueFlow=28 |
|
||||
edges
|
||||
| instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:18:11:18 | x : |
|
||||
| instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:18:11:18 | x : |
|
||||
@@ -65,12 +57,76 @@ edges
|
||||
| instance_variables.rb:40:16:40:24 | call to taint : | instance_variables.rb:40:1:40:4 | [post] foo3 [@field] : |
|
||||
| instance_variables.rb:41:6:41:9 | foo3 [@field] : | instance_variables.rb:41:6:41:15 | call to field |
|
||||
| instance_variables.rb:41:6:41:9 | foo3 [@field] : | instance_variables.rb:41:6:41:15 | call to field |
|
||||
| instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : | instance_variables.rb:49:6:49:9 | foo5 [@field] : |
|
||||
| instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : | instance_variables.rb:49:6:49:9 | foo5 [@field] : |
|
||||
| instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : | instance_variables.rb:54:6:54:9 | foo5 [@field] : |
|
||||
| instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : | instance_variables.rb:54:6:54:9 | foo5 [@field] : |
|
||||
| instance_variables.rb:48:18:48:26 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:48:18:48:26 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:48:18:48:26 | call to taint : | instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : |
|
||||
| instance_variables.rb:48:18:48:26 | call to taint : | instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : |
|
||||
| instance_variables.rb:49:6:49:9 | foo5 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:49:6:49:9 | foo5 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:49:6:49:9 | foo5 [@field] : | instance_variables.rb:49:6:49:19 | call to get_field |
|
||||
| instance_variables.rb:49:6:49:9 | foo5 [@field] : | instance_variables.rb:49:6:49:19 | call to get_field |
|
||||
| instance_variables.rb:52:15:52:18 | [post] foo6 [@field] : | instance_variables.rb:55:6:55:9 | foo6 [@field] : |
|
||||
| instance_variables.rb:52:15:52:18 | [post] foo6 [@field] : | instance_variables.rb:55:6:55:9 | foo6 [@field] : |
|
||||
| instance_variables.rb:52:32:52:40 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:52:32:52:40 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:52:32:52:40 | call to taint : | instance_variables.rb:52:15:52:18 | [post] foo6 [@field] : |
|
||||
| instance_variables.rb:52:32:52:40 | call to taint : | instance_variables.rb:52:15:52:18 | [post] foo6 [@field] : |
|
||||
| instance_variables.rb:53:6:53:9 | foo3 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:53:6:53:9 | foo3 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:53:6:53:9 | foo3 [@field] : | instance_variables.rb:53:6:53:19 | call to get_field |
|
||||
| instance_variables.rb:53:6:53:9 | foo3 [@field] : | instance_variables.rb:53:6:53:19 | call to get_field |
|
||||
| instance_variables.rb:54:6:54:9 | foo5 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:54:6:54:9 | foo5 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:54:6:54:9 | foo5 [@field] : | instance_variables.rb:54:6:54:19 | call to get_field |
|
||||
| instance_variables.rb:54:6:54:9 | foo5 [@field] : | instance_variables.rb:54:6:54:19 | call to get_field |
|
||||
| instance_variables.rb:55:6:55:9 | foo6 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:55:6:55:9 | foo6 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:55:6:55:9 | foo6 [@field] : | instance_variables.rb:55:6:55:19 | call to get_field |
|
||||
| instance_variables.rb:55:6:55:9 | foo6 [@field] : | instance_variables.rb:55:6:55:19 | call to get_field |
|
||||
| instance_variables.rb:59:15:59:18 | [post] foo7 [@field] : | instance_variables.rb:60:6:60:9 | foo7 [@field] : |
|
||||
| instance_variables.rb:59:15:59:18 | [post] foo7 [@field] : | instance_variables.rb:60:6:60:9 | foo7 [@field] : |
|
||||
| instance_variables.rb:59:25:59:28 | [post] foo8 [@field] : | instance_variables.rb:61:6:61:9 | foo8 [@field] : |
|
||||
| instance_variables.rb:59:25:59:28 | [post] foo8 [@field] : | instance_variables.rb:61:6:61:9 | foo8 [@field] : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:59:15:59:18 | [post] foo7 [@field] : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:59:15:59:18 | [post] foo7 [@field] : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:59:25:59:28 | [post] foo8 [@field] : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:59:25:59:28 | [post] foo8 [@field] : |
|
||||
| instance_variables.rb:60:6:60:9 | foo7 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:60:6:60:9 | foo7 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:60:6:60:9 | foo7 [@field] : | instance_variables.rb:60:6:60:19 | call to get_field |
|
||||
| instance_variables.rb:60:6:60:9 | foo7 [@field] : | instance_variables.rb:60:6:60:19 | call to get_field |
|
||||
| instance_variables.rb:61:6:61:9 | foo8 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:61:6:61:9 | foo8 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:61:6:61:9 | foo8 [@field] : | instance_variables.rb:61:6:61:19 | call to get_field |
|
||||
| instance_variables.rb:61:6:61:9 | foo8 [@field] : | instance_variables.rb:61:6:61:19 | call to get_field |
|
||||
| instance_variables.rb:65:22:65:25 | [post] foo9 [@field] : | instance_variables.rb:66:6:66:9 | foo9 [@field] : |
|
||||
| instance_variables.rb:65:22:65:25 | [post] foo9 [@field] : | instance_variables.rb:66:6:66:9 | foo9 [@field] : |
|
||||
| instance_variables.rb:65:32:65:36 | [post] foo10 [@field] : | instance_variables.rb:67:6:67:10 | foo10 [@field] : |
|
||||
| instance_variables.rb:65:32:65:36 | [post] foo10 [@field] : | instance_variables.rb:67:6:67:10 | foo10 [@field] : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:65:22:65:25 | [post] foo9 [@field] : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:65:22:65:25 | [post] foo9 [@field] : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:65:32:65:36 | [post] foo10 [@field] : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:65:32:65:36 | [post] foo10 [@field] : |
|
||||
| instance_variables.rb:66:6:66:9 | foo9 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:66:6:66:9 | foo9 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:66:6:66:9 | foo9 [@field] : | instance_variables.rb:66:6:66:19 | call to get_field |
|
||||
| instance_variables.rb:66:6:66:9 | foo9 [@field] : | instance_variables.rb:66:6:66:19 | call to get_field |
|
||||
| instance_variables.rb:67:6:67:10 | foo10 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:67:6:67:10 | foo10 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:67:6:67:10 | foo10 [@field] : | instance_variables.rb:67:6:67:20 | call to get_field |
|
||||
| instance_variables.rb:67:6:67:10 | foo10 [@field] : | instance_variables.rb:67:6:67:20 | call to get_field |
|
||||
| instance_variables.rb:70:5:70:5 | [post] x [@field] : | instance_variables.rb:74:14:74:18 | [post] foo11 [@field] : |
|
||||
| instance_variables.rb:70:5:70:5 | [post] x [@field] : | instance_variables.rb:74:14:74:18 | [post] foo11 [@field] : |
|
||||
| instance_variables.rb:70:5:70:5 | [post] x [@field] : | instance_variables.rb:78:15:78:19 | [post] foo12 [@field] : |
|
||||
| instance_variables.rb:70:5:70:5 | [post] x [@field] : | instance_variables.rb:78:15:78:19 | [post] foo12 [@field] : |
|
||||
| instance_variables.rb:70:17:70:25 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:70:17:70:25 | call to taint : | instance_variables.rb:10:19:10:19 | x : |
|
||||
| instance_variables.rb:70:17:70:25 | call to taint : | instance_variables.rb:70:5:70:5 | [post] x [@field] : |
|
||||
@@ -81,6 +137,12 @@ edges
|
||||
| instance_variables.rb:75:6:75:10 | foo11 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:75:6:75:10 | foo11 [@field] : | instance_variables.rb:75:6:75:20 | call to get_field |
|
||||
| instance_variables.rb:75:6:75:10 | foo11 [@field] : | instance_variables.rb:75:6:75:20 | call to get_field |
|
||||
| instance_variables.rb:78:15:78:19 | [post] foo12 [@field] : | instance_variables.rb:79:6:79:10 | foo12 [@field] : |
|
||||
| instance_variables.rb:78:15:78:19 | [post] foo12 [@field] : | instance_variables.rb:79:6:79:10 | foo12 [@field] : |
|
||||
| instance_variables.rb:79:6:79:10 | foo12 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:79:6:79:10 | foo12 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : |
|
||||
| instance_variables.rb:79:6:79:10 | foo12 [@field] : | instance_variables.rb:79:6:79:20 | call to get_field |
|
||||
| instance_variables.rb:79:6:79:10 | foo12 [@field] : | instance_variables.rb:79:6:79:20 | call to get_field |
|
||||
nodes
|
||||
| instance_variables.rb:10:19:10:19 | x : | semmle.label | x : |
|
||||
| instance_variables.rb:10:19:10:19 | x : | semmle.label | x : |
|
||||
@@ -142,10 +204,58 @@ nodes
|
||||
| instance_variables.rb:41:6:41:9 | foo3 [@field] : | semmle.label | foo3 [@field] : |
|
||||
| instance_variables.rb:41:6:41:15 | call to field | semmle.label | call to field |
|
||||
| instance_variables.rb:41:6:41:15 | call to field | semmle.label | call to field |
|
||||
| instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : | semmle.label | [post] foo5 [@field] : |
|
||||
| instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : | semmle.label | [post] foo5 [@field] : |
|
||||
| instance_variables.rb:48:18:48:26 | call to taint : | semmle.label | call to taint : |
|
||||
| instance_variables.rb:48:18:48:26 | call to taint : | semmle.label | call to taint : |
|
||||
| instance_variables.rb:49:6:49:9 | foo5 [@field] : | semmle.label | foo5 [@field] : |
|
||||
| instance_variables.rb:49:6:49:9 | foo5 [@field] : | semmle.label | foo5 [@field] : |
|
||||
| instance_variables.rb:49:6:49:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:49:6:49:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:52:15:52:18 | [post] foo6 [@field] : | semmle.label | [post] foo6 [@field] : |
|
||||
| instance_variables.rb:52:15:52:18 | [post] foo6 [@field] : | semmle.label | [post] foo6 [@field] : |
|
||||
| instance_variables.rb:52:32:52:40 | call to taint : | semmle.label | call to taint : |
|
||||
| instance_variables.rb:52:32:52:40 | call to taint : | semmle.label | call to taint : |
|
||||
| instance_variables.rb:53:6:53:9 | foo3 [@field] : | semmle.label | foo3 [@field] : |
|
||||
| instance_variables.rb:53:6:53:9 | foo3 [@field] : | semmle.label | foo3 [@field] : |
|
||||
| instance_variables.rb:53:6:53:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:53:6:53:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:54:6:54:9 | foo5 [@field] : | semmle.label | foo5 [@field] : |
|
||||
| instance_variables.rb:54:6:54:9 | foo5 [@field] : | semmle.label | foo5 [@field] : |
|
||||
| instance_variables.rb:54:6:54:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:54:6:54:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:55:6:55:9 | foo6 [@field] : | semmle.label | foo6 [@field] : |
|
||||
| instance_variables.rb:55:6:55:9 | foo6 [@field] : | semmle.label | foo6 [@field] : |
|
||||
| instance_variables.rb:55:6:55:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:55:6:55:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:59:15:59:18 | [post] foo7 [@field] : | semmle.label | [post] foo7 [@field] : |
|
||||
| instance_variables.rb:59:15:59:18 | [post] foo7 [@field] : | semmle.label | [post] foo7 [@field] : |
|
||||
| instance_variables.rb:59:25:59:28 | [post] foo8 [@field] : | semmle.label | [post] foo8 [@field] : |
|
||||
| instance_variables.rb:59:25:59:28 | [post] foo8 [@field] : | semmle.label | [post] foo8 [@field] : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | semmle.label | call to taint : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | semmle.label | call to taint : |
|
||||
| instance_variables.rb:60:6:60:9 | foo7 [@field] : | semmle.label | foo7 [@field] : |
|
||||
| instance_variables.rb:60:6:60:9 | foo7 [@field] : | semmle.label | foo7 [@field] : |
|
||||
| instance_variables.rb:60:6:60:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:60:6:60:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:61:6:61:9 | foo8 [@field] : | semmle.label | foo8 [@field] : |
|
||||
| instance_variables.rb:61:6:61:9 | foo8 [@field] : | semmle.label | foo8 [@field] : |
|
||||
| instance_variables.rb:61:6:61:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:61:6:61:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:65:22:65:25 | [post] foo9 [@field] : | semmle.label | [post] foo9 [@field] : |
|
||||
| instance_variables.rb:65:22:65:25 | [post] foo9 [@field] : | semmle.label | [post] foo9 [@field] : |
|
||||
| instance_variables.rb:65:32:65:36 | [post] foo10 [@field] : | semmle.label | [post] foo10 [@field] : |
|
||||
| instance_variables.rb:65:32:65:36 | [post] foo10 [@field] : | semmle.label | [post] foo10 [@field] : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | semmle.label | call to taint : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | semmle.label | call to taint : |
|
||||
| instance_variables.rb:66:6:66:9 | foo9 [@field] : | semmle.label | foo9 [@field] : |
|
||||
| instance_variables.rb:66:6:66:9 | foo9 [@field] : | semmle.label | foo9 [@field] : |
|
||||
| instance_variables.rb:66:6:66:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:66:6:66:19 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:67:6:67:10 | foo10 [@field] : | semmle.label | foo10 [@field] : |
|
||||
| instance_variables.rb:67:6:67:10 | foo10 [@field] : | semmle.label | foo10 [@field] : |
|
||||
| instance_variables.rb:67:6:67:20 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:67:6:67:20 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:70:5:70:5 | [post] x [@field] : | semmle.label | [post] x [@field] : |
|
||||
| instance_variables.rb:70:5:70:5 | [post] x [@field] : | semmle.label | [post] x [@field] : |
|
||||
| instance_variables.rb:70:17:70:25 | call to taint : | semmle.label | call to taint : |
|
||||
@@ -156,6 +266,12 @@ nodes
|
||||
| instance_variables.rb:75:6:75:10 | foo11 [@field] : | semmle.label | foo11 [@field] : |
|
||||
| instance_variables.rb:75:6:75:20 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:75:6:75:20 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:78:15:78:19 | [post] foo12 [@field] : | semmle.label | [post] foo12 [@field] : |
|
||||
| instance_variables.rb:78:15:78:19 | [post] foo12 [@field] : | semmle.label | [post] foo12 [@field] : |
|
||||
| instance_variables.rb:79:6:79:10 | foo12 [@field] : | semmle.label | foo12 [@field] : |
|
||||
| instance_variables.rb:79:6:79:10 | foo12 [@field] : | semmle.label | foo12 [@field] : |
|
||||
| instance_variables.rb:79:6:79:20 | call to get_field | semmle.label | call to get_field |
|
||||
| instance_variables.rb:79:6:79:20 | call to get_field | semmle.label | call to get_field |
|
||||
subpaths
|
||||
| instance_variables.rb:24:15:24:23 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:24:1:24:3 | [post] foo [@field] : |
|
||||
| instance_variables.rb:24:15:24:23 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:24:1:24:3 | [post] foo [@field] : |
|
||||
@@ -168,12 +284,40 @@ subpaths
|
||||
| instance_variables.rb:37:6:37:9 | foo2 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:37:6:37:19 | call to get_field |
|
||||
| instance_variables.rb:40:16:40:24 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:40:1:40:4 | [post] foo3 [@field] : |
|
||||
| instance_variables.rb:40:16:40:24 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:40:1:40:4 | [post] foo3 [@field] : |
|
||||
| instance_variables.rb:48:18:48:26 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : |
|
||||
| instance_variables.rb:48:18:48:26 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:48:2:48:5 | [post] foo5 [@field] : |
|
||||
| instance_variables.rb:49:6:49:9 | foo5 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:49:6:49:19 | call to get_field |
|
||||
| instance_variables.rb:49:6:49:9 | foo5 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:49:6:49:19 | call to get_field |
|
||||
| instance_variables.rb:52:32:52:40 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:52:15:52:18 | [post] foo6 [@field] : |
|
||||
| instance_variables.rb:52:32:52:40 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:52:15:52:18 | [post] foo6 [@field] : |
|
||||
| instance_variables.rb:53:6:53:9 | foo3 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:53:6:53:19 | call to get_field |
|
||||
| instance_variables.rb:53:6:53:9 | foo3 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:53:6:53:19 | call to get_field |
|
||||
| instance_variables.rb:54:6:54:9 | foo5 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:54:6:54:19 | call to get_field |
|
||||
| instance_variables.rb:54:6:54:9 | foo5 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:54:6:54:19 | call to get_field |
|
||||
| instance_variables.rb:55:6:55:9 | foo6 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:55:6:55:19 | call to get_field |
|
||||
| instance_variables.rb:55:6:55:9 | foo6 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:55:6:55:19 | call to get_field |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:59:15:59:18 | [post] foo7 [@field] : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:59:15:59:18 | [post] foo7 [@field] : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:59:25:59:28 | [post] foo8 [@field] : |
|
||||
| instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:59:25:59:28 | [post] foo8 [@field] : |
|
||||
| instance_variables.rb:60:6:60:9 | foo7 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:60:6:60:19 | call to get_field |
|
||||
| instance_variables.rb:60:6:60:9 | foo7 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:60:6:60:19 | call to get_field |
|
||||
| instance_variables.rb:61:6:61:9 | foo8 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:61:6:61:19 | call to get_field |
|
||||
| instance_variables.rb:61:6:61:9 | foo8 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:61:6:61:19 | call to get_field |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:65:22:65:25 | [post] foo9 [@field] : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:65:22:65:25 | [post] foo9 [@field] : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:65:32:65:36 | [post] foo10 [@field] : |
|
||||
| instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:65:32:65:36 | [post] foo10 [@field] : |
|
||||
| instance_variables.rb:66:6:66:9 | foo9 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:66:6:66:19 | call to get_field |
|
||||
| instance_variables.rb:66:6:66:9 | foo9 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:66:6:66:19 | call to get_field |
|
||||
| instance_variables.rb:67:6:67:10 | foo10 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:67:6:67:20 | call to get_field |
|
||||
| instance_variables.rb:67:6:67:10 | foo10 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:67:6:67:20 | call to get_field |
|
||||
| instance_variables.rb:70:17:70:25 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:70:5:70:5 | [post] x [@field] : |
|
||||
| instance_variables.rb:70:17:70:25 | call to taint : | instance_variables.rb:10:19:10:19 | x : | instance_variables.rb:11:9:11:14 | [post] self [@field] : | instance_variables.rb:70:5:70:5 | [post] x [@field] : |
|
||||
| instance_variables.rb:75:6:75:10 | foo11 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:75:6:75:20 | call to get_field |
|
||||
| instance_variables.rb:75:6:75:10 | foo11 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:75:6:75:20 | call to get_field |
|
||||
| instance_variables.rb:79:6:79:10 | foo12 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:79:6:79:20 | call to get_field |
|
||||
| instance_variables.rb:79:6:79:10 | foo12 [@field] : | instance_variables.rb:13:5:15:7 | self in get_field [@field] : | instance_variables.rb:14:9:14:21 | return : | instance_variables.rb:79:6:79:20 | call to get_field |
|
||||
#select
|
||||
| instance_variables.rb:20:10:20:13 | @foo | instance_variables.rb:19:12:19:21 | call to taint : | instance_variables.rb:20:10:20:13 | @foo | $@ | instance_variables.rb:19:12:19:21 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:25:6:25:18 | call to get_field | instance_variables.rb:24:15:24:23 | call to taint : | instance_variables.rb:25:6:25:18 | call to get_field | $@ | instance_variables.rb:24:15:24:23 | call to taint : | call to taint : |
|
||||
@@ -181,5 +325,13 @@ subpaths
|
||||
| instance_variables.rb:33:6:33:15 | call to field | instance_variables.rb:32:14:32:22 | call to taint : | instance_variables.rb:33:6:33:15 | call to field | $@ | instance_variables.rb:32:14:32:22 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:37:6:37:19 | call to get_field | instance_variables.rb:36:14:36:22 | call to taint : | instance_variables.rb:37:6:37:19 | call to get_field | $@ | instance_variables.rb:36:14:36:22 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:41:6:41:15 | call to field | instance_variables.rb:40:16:40:24 | call to taint : | instance_variables.rb:41:6:41:15 | call to field | $@ | instance_variables.rb:40:16:40:24 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:49:6:49:19 | call to get_field | instance_variables.rb:48:18:48:26 | call to taint : | instance_variables.rb:49:6:49:19 | call to get_field | $@ | instance_variables.rb:48:18:48:26 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:53:6:53:19 | call to get_field | instance_variables.rb:40:16:40:24 | call to taint : | instance_variables.rb:53:6:53:19 | call to get_field | $@ | instance_variables.rb:40:16:40:24 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:54:6:54:19 | call to get_field | instance_variables.rb:48:18:48:26 | call to taint : | instance_variables.rb:54:6:54:19 | call to get_field | $@ | instance_variables.rb:48:18:48:26 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:55:6:55:19 | call to get_field | instance_variables.rb:52:32:52:40 | call to taint : | instance_variables.rb:55:6:55:19 | call to get_field | $@ | instance_variables.rb:52:32:52:40 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:60:6:60:19 | call to get_field | instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:60:6:60:19 | call to get_field | $@ | instance_variables.rb:59:45:59:53 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:61:6:61:19 | call to get_field | instance_variables.rb:59:45:59:53 | call to taint : | instance_variables.rb:61:6:61:19 | call to get_field | $@ | instance_variables.rb:59:45:59:53 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:66:6:66:19 | call to get_field | instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:66:6:66:19 | call to get_field | $@ | instance_variables.rb:65:53:65:61 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:67:6:67:20 | call to get_field | instance_variables.rb:65:53:65:61 | call to taint : | instance_variables.rb:67:6:67:20 | call to get_field | $@ | instance_variables.rb:65:53:65:61 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:75:6:75:20 | call to get_field | instance_variables.rb:70:17:70:25 | call to taint : | instance_variables.rb:75:6:75:20 | call to get_field | $@ | instance_variables.rb:70:17:70:25 | call to taint : | call to taint : |
|
||||
| instance_variables.rb:79:6:79:20 | call to get_field | instance_variables.rb:70:17:70:25 | call to taint : | instance_variables.rb:79:6:79:20 | call to get_field | $@ | instance_variables.rb:70:17:70:25 | call to taint : | call to taint : |
|
||||
|
||||