Merge branch 'main' into rb/dataflow-query-refactor

Alex Ford
2023-09-07 14:57:38 +01:00
committed by GitHub
930 changed files with 20415 additions and 13248 deletions


@@ -1,13 +1,16 @@
import codeql.ruby.AST
import codeql.ruby.CFG
import codeql.ruby.DataFlow::DataFlow
import codeql.ruby.dataflow.internal.DataFlowPrivate
import codeql.ruby.dataflow.internal.DataFlowImplConsistency::Consistency
import codeql.ruby.DataFlow::DataFlow as DataFlow
private import codeql.ruby.AST
private import codeql.ruby.CFG
private import codeql.ruby.dataflow.internal.DataFlowImplSpecific
private import codeql.ruby.dataflow.internal.TaintTrackingImplSpecific
private import codeql.dataflow.internal.DataFlowImplConsistency
private class MyConsistencyConfiguration extends ConsistencyConfiguration {
override predicate postWithInFlowExclude(Node n) { n instanceof FlowSummaryNode }
private module Input implements InputSig<RubyDataFlow> {
private import RubyDataFlow
override predicate argHasPostUpdateExclude(ArgumentNode n) {
predicate postWithInFlowExclude(Node n) { n instanceof FlowSummaryNode }
predicate argHasPostUpdateExclude(ArgumentNode n) {
n instanceof BlockArgumentNode
or
n instanceof FlowSummaryNode
@@ -17,7 +20,7 @@ private class MyConsistencyConfiguration extends ConsistencyConfiguration {
not isNonConstantExpr(getAPostUpdateNodeForArg(n.asExpr()))
}
override predicate postHasUniquePreExclude(PostUpdateNode n) {
predicate postHasUniquePreExclude(PostUpdateNode n) {
exists(CfgNodes::ExprCfgNode e, CfgNodes::ExprCfgNode arg |
e = getAPostUpdateNodeForArg(arg) and
e != arg and
@@ -25,7 +28,7 @@ private class MyConsistencyConfiguration extends ConsistencyConfiguration {
)
}
override predicate uniquePostUpdateExclude(Node n) {
predicate uniquePostUpdateExclude(Node n) {
exists(CfgNodes::ExprCfgNode e, CfgNodes::ExprCfgNode arg |
e = getAPostUpdateNodeForArg(arg) and
e != arg and
@@ -34,7 +37,9 @@ private class MyConsistencyConfiguration extends ConsistencyConfiguration {
}
}
query predicate multipleToString(Node n, string s) {
import MakeConsistency<RubyDataFlow, RubyTaintTracking, Input>
query predicate multipleToString(DataFlow::Node n, string s) {
s = strictconcat(n.toString(), ",") and
strictcount(n.toString()) > 1
}


@@ -1,3 +1,10 @@
## 0.7.3
### Minor Analysis Improvements
* Flow between positional arguments and splat parameters (`*args`) is now tracked more precisely.
* Flow between splat arguments (`*args`) and positional parameters is now tracked more precisely.
## 0.7.2
No user-facing changes.


@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Flow between splat arguments (`*args`) and positional parameters is now tracked more precisely.


@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Flow between positional arguments and splat parameters (`*args`) is now tracked more precisely.


@@ -0,0 +1,6 @@
## 0.7.3
### Minor Analysis Improvements
* Flow between positional arguments and splat parameters (`*args`) is now tracked more precisely.
* Flow between splat arguments (`*args`) and positional parameters is now tracked more precisely.


@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.7.2
lastReleaseVersion: 0.7.3


@@ -1250,3 +1250,40 @@ module LdapExecution {
abstract DataFlow::Node getQuery();
}
}
/**
* A data-flow node that collects methods binding a LDAP connection.
*
* Extend this class to refine existing API models. If you want to model new APIs,
* extend `LdapBind::Range` instead.
*/
class LdapBind extends DataFlow::Node instanceof LdapBind::Range {
/** Gets the argument containing the binding host */
DataFlow::Node getHost() { result = super.getHost() }
/** Gets the argument containing the binding expression. */
DataFlow::Node getPassword() { result = super.getPassword() }
/** Holds if the binding process use SSL. */
predicate usesSsl() { super.usesSsl() }
}
/** Provides classes for modeling LDAP bind-related APIs. */
module LdapBind {
/**
* A data-flow node that collects methods binding a LDAP connection.
*
* Extend this class to model new APIs. If you want to refine existing API models,
* extend `LdapBind` instead.
*/
abstract class Range extends DataFlow::Node {
/** Gets the argument containing the binding host. */
abstract DataFlow::Node getHost();
/** Gets the argument containing the binding expression. */
abstract DataFlow::Node getPassword();
/** Holds if the binding process use SSL. */
abstract predicate usesSsl();
}
}
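Review bot: The QLDoc on `getPassword()` says "Gets the argument containing the binding expression.", in both `LdapBind` and `LdapBind::Range`, which does not describe what the predicate returns. It is the member the new query uses as its sink, so I would write `/** Gets the argument containing the password used for the bind. */` in both places. The `usesSsl()` comments should read `/** Holds if the binding process uses SSL. */`, and the `getHost()` comment in `LdapBind` is missing its final period.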


@@ -73,16 +73,14 @@ module SuccessorTypes {
}
/**
* A conditional control flow successor. Either a Boolean successor (`BooleanSuccessor`),
* an emptiness successor (`EmptinessSuccessor`), or a matching successor
* (`MatchingSuccessor`)
* A conditional control flow successor. Either a Boolean successor (`BooleanSuccessor`)
* or a matching successor (`MatchingSuccessor`)
*/
class ConditionalSuccessor extends SuccessorType {
boolean value;
ConditionalSuccessor() {
this = CfgImpl::TBooleanSuccessor(value) or
this = CfgImpl::TEmptinessSuccessor(value) or
this = CfgImpl::TMatchingSuccessor(value)
}
@@ -109,41 +107,6 @@ module SuccessorTypes {
*/
class BooleanSuccessor extends ConditionalSuccessor, CfgImpl::TBooleanSuccessor { }
/**
* An emptiness control flow successor.
*
* For example, this program fragment:
*
* ```rb
* for arg in args do
* puts arg
* end
* puts "done";
* ```
*
* has a control flow graph containing emptiness successors:
*
* ```
* args
* |
* for------<-----
* / \ \
* / \ |
* / \ |
* / \ |
* empty non-empty |
* | \ |
* puts "done" \ |
* arg |
* | |
* puts arg |
* \___/
* ```
*/
class EmptinessSuccessor extends ConditionalSuccessor, CfgImpl::TEmptinessSuccessor {
override string toString() { if value = true then result = "empty" else result = "non-empty" }
}
/**
* A matching control flow successor.
*


@@ -1513,7 +1513,6 @@ private module Cached {
newtype TSuccessorType =
TSuccessorSuccessor() or
TBooleanSuccessor(boolean b) { b in [false, true] } or
TEmptinessSuccessor(boolean isEmpty) { isEmpty in [false, true] } or
TMatchingSuccessor(boolean isMatch) { isMatch in [false, true] } or
TReturnSuccessor() or
TBreakSuccessor() or


@@ -1,299 +0,0 @@
/**
* Provides consistency queries for checking invariants in the language-specific
* data-flow classes and predicates.
*/
private import DataFlowImplSpecific::Private
private import DataFlowImplSpecific::Public
private import tainttracking1.TaintTrackingParameter::Private
private import tainttracking1.TaintTrackingParameter::Public
module Consistency {
private newtype TConsistencyConfiguration = MkConsistencyConfiguration()
/** A class for configuring the consistency queries. */
class ConsistencyConfiguration extends TConsistencyConfiguration {
string toString() { none() }
/** Holds if `n` should be excluded from the consistency test `uniqueEnclosingCallable`. */
predicate uniqueEnclosingCallableExclude(Node n) { none() }
/** Holds if `call` should be excluded from the consistency test `uniqueCallEnclosingCallable`. */
predicate uniqueCallEnclosingCallableExclude(DataFlowCall call) { none() }
/** Holds if `n` should be excluded from the consistency test `uniqueNodeLocation`. */
predicate uniqueNodeLocationExclude(Node n) { none() }
/** Holds if `n` should be excluded from the consistency test `missingLocation`. */
predicate missingLocationExclude(Node n) { none() }
/** Holds if `n` should be excluded from the consistency test `postWithInFlow`. */
predicate postWithInFlowExclude(Node n) { none() }
/** Holds if `n` should be excluded from the consistency test `argHasPostUpdate`. */
predicate argHasPostUpdateExclude(ArgumentNode n) { none() }
/** Holds if `n` should be excluded from the consistency test `reverseRead`. */
predicate reverseReadExclude(Node n) { none() }
/** Holds if `n` should be excluded from the consistency test `postHasUniquePre`. */
predicate postHasUniquePreExclude(PostUpdateNode n) { none() }
/** Holds if `n` should be excluded from the consistency test `uniquePostUpdate`. */
predicate uniquePostUpdateExclude(Node n) { none() }
/** Holds if `(call, ctx)` should be excluded from the consistency test `viableImplInCallContextTooLargeExclude`. */
predicate viableImplInCallContextTooLargeExclude(
DataFlowCall call, DataFlowCall ctx, DataFlowCallable callable
) {
none()
}
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodeAtPosition`. */
predicate uniqueParameterNodeAtPositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
none()
}
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodePosition`. */
predicate uniqueParameterNodePositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
none()
}
/** Holds if `n` should be excluded from the consistency test `identityLocalStep`. */
predicate identityLocalStepExclude(Node n) { none() }
}
private class RelevantNode extends Node {
RelevantNode() {
this instanceof ArgumentNode or
this instanceof ParameterNode or
this instanceof ReturnNode or
this = getAnOutNode(_, _) or
simpleLocalFlowStep(this, _) or
simpleLocalFlowStep(_, this) or
jumpStep(this, _) or
jumpStep(_, this) or
storeStep(this, _, _) or
storeStep(_, _, this) or
readStep(this, _, _) or
readStep(_, _, this) or
defaultAdditionalTaintStep(this, _) or
defaultAdditionalTaintStep(_, this)
}
}
query predicate uniqueEnclosingCallable(Node n, string msg) {
exists(int c |
n instanceof RelevantNode and
c = count(nodeGetEnclosingCallable(n)) and
c != 1 and
not any(ConsistencyConfiguration conf).uniqueEnclosingCallableExclude(n) and
msg = "Node should have one enclosing callable but has " + c + "."
)
}
query predicate uniqueCallEnclosingCallable(DataFlowCall call, string msg) {
exists(int c |
c = count(call.getEnclosingCallable()) and
c != 1 and
not any(ConsistencyConfiguration conf).uniqueCallEnclosingCallableExclude(call) and
msg = "Call should have one enclosing callable but has " + c + "."
)
}
query predicate uniqueType(Node n, string msg) {
exists(int c |
n instanceof RelevantNode and
c = count(getNodeType(n)) and
c != 1 and
msg = "Node should have one type but has " + c + "."
)
}
query predicate uniqueNodeLocation(Node n, string msg) {
exists(int c |
c =
count(string filepath, int startline, int startcolumn, int endline, int endcolumn |
n.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
) and
c != 1 and
not any(ConsistencyConfiguration conf).uniqueNodeLocationExclude(n) and
msg = "Node should have one location but has " + c + "."
)
}
query predicate missingLocation(string msg) {
exists(int c |
c =
strictcount(Node n |
not n.hasLocationInfo(_, _, _, _, _) and
not any(ConsistencyConfiguration conf).missingLocationExclude(n)
) and
msg = "Nodes without location: " + c
)
}
query predicate uniqueNodeToString(Node n, string msg) {
exists(int c |
c = count(n.toString()) and
c != 1 and
msg = "Node should have one toString but has " + c + "."
)
}
query predicate missingToString(string msg) {
exists(int c |
c = strictcount(Node n | not exists(n.toString())) and
msg = "Nodes without toString: " + c
)
}
query predicate parameterCallable(ParameterNode p, string msg) {
exists(DataFlowCallable c | isParameterNode(p, c, _) and c != nodeGetEnclosingCallable(p)) and
msg = "Callable mismatch for parameter."
}
query predicate localFlowIsLocal(Node n1, Node n2, string msg) {
simpleLocalFlowStep(n1, n2) and
nodeGetEnclosingCallable(n1) != nodeGetEnclosingCallable(n2) and
msg = "Local flow step does not preserve enclosing callable."
}
query predicate readStepIsLocal(Node n1, Node n2, string msg) {
readStep(n1, _, n2) and
nodeGetEnclosingCallable(n1) != nodeGetEnclosingCallable(n2) and
msg = "Read step does not preserve enclosing callable."
}
query predicate storeStepIsLocal(Node n1, Node n2, string msg) {
storeStep(n1, _, n2) and
nodeGetEnclosingCallable(n1) != nodeGetEnclosingCallable(n2) and
msg = "Store step does not preserve enclosing callable."
}
private DataFlowType typeRepr() { result = getNodeType(_) }
query predicate compatibleTypesReflexive(DataFlowType t, string msg) {
t = typeRepr() and
not compatibleTypes(t, t) and
msg = "Type compatibility predicate is not reflexive."
}
query predicate unreachableNodeCCtx(Node n, DataFlowCall call, string msg) {
isUnreachableInCall(n, call) and
exists(DataFlowCallable c |
c = nodeGetEnclosingCallable(n) and
not viableCallable(call) = c
) and
msg = "Call context for isUnreachableInCall is inconsistent with call graph."
}
query predicate localCallNodes(DataFlowCall call, Node n, string msg) {
(
n = getAnOutNode(call, _) and
msg = "OutNode and call does not share enclosing callable."
or
n.(ArgumentNode).argumentOf(call, _) and
msg = "ArgumentNode and call does not share enclosing callable."
) and
nodeGetEnclosingCallable(n) != call.getEnclosingCallable()
}
// This predicate helps the compiler forget that in some languages
// it is impossible for a result of `getPreUpdateNode` to be an
// instance of `PostUpdateNode`.
private Node getPre(PostUpdateNode n) {
result = n.getPreUpdateNode()
or
none()
}
query predicate postIsNotPre(PostUpdateNode n, string msg) {
getPre(n) = n and
msg = "PostUpdateNode should not equal its pre-update node."
}
query predicate postHasUniquePre(PostUpdateNode n, string msg) {
not any(ConsistencyConfiguration conf).postHasUniquePreExclude(n) and
exists(int c |
c = count(n.getPreUpdateNode()) and
c != 1 and
msg = "PostUpdateNode should have one pre-update node but has " + c + "."
)
}
query predicate uniquePostUpdate(Node n, string msg) {
not any(ConsistencyConfiguration conf).uniquePostUpdateExclude(n) and
1 < strictcount(PostUpdateNode post | post.getPreUpdateNode() = n) and
msg = "Node has multiple PostUpdateNodes."
}
query predicate postIsInSameCallable(PostUpdateNode n, string msg) {
nodeGetEnclosingCallable(n) != nodeGetEnclosingCallable(n.getPreUpdateNode()) and
msg = "PostUpdateNode does not share callable with its pre-update node."
}
private predicate hasPost(Node n) { exists(PostUpdateNode post | post.getPreUpdateNode() = n) }
query predicate reverseRead(Node n, string msg) {
exists(Node n2 | readStep(n, _, n2) and hasPost(n2) and not hasPost(n)) and
not any(ConsistencyConfiguration conf).reverseReadExclude(n) and
msg = "Origin of readStep is missing a PostUpdateNode."
}
query predicate argHasPostUpdate(ArgumentNode n, string msg) {
not hasPost(n) and
not any(ConsistencyConfiguration c).argHasPostUpdateExclude(n) and
msg = "ArgumentNode is missing PostUpdateNode."
}
// This predicate helps the compiler forget that in some languages
// it is impossible for a `PostUpdateNode` to be the target of
// `simpleLocalFlowStep`.
private predicate isPostUpdateNode(Node n) { n instanceof PostUpdateNode or none() }
query predicate postWithInFlow(Node n, string msg) {
isPostUpdateNode(n) and
not clearsContent(n, _) and
simpleLocalFlowStep(_, n) and
not any(ConsistencyConfiguration c).postWithInFlowExclude(n) and
msg = "PostUpdateNode should not be the target of local flow."
}
query predicate viableImplInCallContextTooLarge(
DataFlowCall call, DataFlowCall ctx, DataFlowCallable callable
) {
callable = viableImplInCallContext(call, ctx) and
not callable = viableCallable(call) and
not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable)
}
query predicate uniqueParameterNodeAtPosition(
DataFlowCallable c, ParameterPosition pos, Node p, string msg
) {
not any(ConsistencyConfiguration conf).uniqueParameterNodeAtPositionExclude(c, pos, p) and
isParameterNode(p, c, pos) and
not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and
msg = "Parameters with overlapping positions."
}
query predicate uniqueParameterNodePosition(
DataFlowCallable c, ParameterPosition pos, Node p, string msg
) {
not any(ConsistencyConfiguration conf).uniqueParameterNodePositionExclude(c, pos, p) and
isParameterNode(p, c, pos) and
not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and
msg = "Parameter node with multiple positions."
}
query predicate uniqueContentApprox(Content c, string msg) {
not exists(unique(ContentApprox approx | approx = getContentApprox(c))) and
msg = "Non-unique content approximation."
}
query predicate identityLocalStep(Node n, string msg) {
simpleLocalFlowStep(n, n) and
not any(ConsistencyConfiguration c).identityLocalStepExclude(n) and
msg = "Node steps to itself"
}
}


@@ -558,9 +558,7 @@ import Cached
/** Holds if `n` should be hidden from path explanations. */
predicate nodeIsHidden(Node n) {
exists(SsaImpl::DefinitionExt def | def = n.(SsaDefinitionExtNode).getDefinitionExt() |
not def instanceof Ssa::WriteDefinition
)
n.(SsaDefinitionExtNode).isHidden()
or
n = LocalFlow::getParameterDefNode(_)
or
@@ -593,6 +591,13 @@ class SsaDefinitionExtNode extends NodeImpl, TSsaDefinitionExtNode {
/** Gets the underlying variable. */
Variable getVariable() { result = def.getSourceVariable() }
/** Holds if this node should be hidden from path explanations. */
predicate isHidden() {
not def instanceof Ssa::WriteDefinition
or
isDesugarNode(def.(Ssa::WriteDefinition).getWriteAccess().getExpr())
}
override CfgScope getCfgScope() { result = def.getBasicBlock().getScope() }
override Location getLocationImpl() { result = def.getLocation() }
@@ -1593,7 +1598,11 @@ class CastNode extends Node {
*/
predicate neverSkipInPathGraph(Node n) {
// ensure that all variable assignments are included in the path graph
n.(SsaDefinitionExtNode).getDefinitionExt() instanceof Ssa::WriteDefinition
n =
any(SsaDefinitionExtNode def |
def.getDefinitionExt() instanceof Ssa::WriteDefinition and
not def.isHidden()
)
}
class DataFlowExpr = CfgNodes::ExprCfgNode;
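Review bot: The comment inside `neverSkipInPathGraph`, "ensure that all variable assignments are included in the path graph", no longer matches the body. The new `not def.isHidden()` conjunct excludes write definitions whose write access is a desugar node. I would reword it to `// ensure that all non-hidden variable assignments (i.e. not introduced by desugaring) are included in the path graph`. The predicate's own doc comment starts outside this hunk, so it may need the same adjustment.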


@@ -43,6 +43,17 @@ module NetLdap {
/** A call that establishes a LDAP Connection */
private class NetLdapConnection extends DataFlow::CallNode {
NetLdapConnection() { this in [ldap().getAnInstantiation(), ldap().getAMethodCall("open")] }
predicate usesSsl() {
getValue(this, "encryption").getConstantValue().isStringlikeValue("simple_tls")
}
DataFlow::Node getAuthValue(string arg) {
result =
this.getKeywordArgument("auth")
.(DataFlow::HashLiteralNode)
.getElementFromKey(any(Ast::ConstantValue cv | cv.isStringlikeValue(arg)))
}
}
/** A call that constructs a LDAP query */
@@ -67,4 +78,29 @@ module NetLdap {
override DataFlow::Node getQuery() { result = this.getKeywordArgument(_) }
}
/** A call considered as a LDAP bind. */
private class NetLdapBind extends LdapBind::Range, DataFlow::CallNode {
private NetLdapConnection l;
NetLdapBind() { this = l.getAMethodCall("bind") }
override DataFlow::Node getHost() { result = getValue(l, "host") }
override DataFlow::Node getPassword() {
result = l.getAuthValue("password") or
result = l.getAMethodCall("auth").getArgument(1)
}
override predicate usesSsl() { l.usesSsl() }
}
/** LDAP Attribute value */
DataFlow::Node getValue(NetLdapConnection l, string attr) {
result =
[
l.getKeywordArgument(attr), l.getAMethodCall(attr).getArgument(0),
l.getAMethodCall(attr).getKeywordArgument(attr)
]
}
}
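Review bot: `NetLdapBind.getPassword()` only finds a password given through an `auth:` hash literal on the connection or as the second argument of an `auth` call. A bind that receives its credentials directly (`ldap.bind(method: :simple, username: u, password: p)`) or through the `authenticate` alias would not, as far as I can tell, produce a sink, so the new query would miss those binds. Consider adding `result = this.getKeywordArgument("password")` and widening the call to `l.getAMethodCall(["auth", "authenticate"]).getArgument(1)`. In the same spirit, `usesSsl()` matches only a string-like `simple_tls` value, so the hash form `encryption: { method: :simple_tls }` and `:start_tls` are presumably reported as not using TLS. `usesSsl`, `getAuthValue` and the public `getValue` would also benefit from QLDoc that states these limits.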


@@ -0,0 +1,49 @@
/**
* Provides default sources, sinks and sanitizers for detecting
* improper LDAP authentication, as well as extension points for adding your own
*/
private import codeql.ruby.Concepts
private import codeql.ruby.DataFlow
private import codeql.ruby.dataflow.BarrierGuards
private import codeql.ruby.dataflow.RemoteFlowSources
/**
* Provides default sources, sinks and sanitizers for detecting
* improper LDAP authentication, as well as extension points for adding your own
*/
module ImproperLdapAuth {
/** A data flow source for improper LDAP authentication vulnerabilities */
abstract class Source extends DataFlow::Node { }
/** A data flow sink for improper LDAP authentication vulnerabilities */
abstract class Sink extends DataFlow::Node { }
/** A sanitizer for improper LDAP authentication vulnerabilities. */
abstract class Sanitizer extends DataFlow::Node { }
/**
* A source of remote user input, considered as a flow source.
*/
private class RemoteFlowSourceAsSource extends Source, RemoteFlowSource { }
/**
* An LDAP query execution considered as a flow sink.
*/
private class LdapBindAsSink extends Sink {
LdapBindAsSink() { this = any(LdapBind l).getPassword() }
}
/**
* A comparison with a constant string, considered as a sanitizer-guard.
*/
private class StringConstCompareAsSanitizerGuard extends Sanitizer, StringConstCompareBarrier { }
/**
* An inclusion check against an array of constant strings, considered as a
* sanitizer-guard.
*/
private class StringConstArrayInclusionCallAsSanitizer extends Sanitizer,
StringConstArrayInclusionCallBarrier
{ }
}
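Review bot: The QLDoc on `LdapBindAsSink` reads "An LDAP query execution considered as a flow sink.", but the class selects `any(LdapBind l).getPassword()`, which is the bind password and not a query. I would change it to `/** The password argument of an LDAP bind, considered as a flow sink. */`. Separately, the only barriers are constant-string comparisons and constant-array inclusion checks. A handler that rejects a blank password before binding, which is the mitigation for the unauthenticated-bind case, would presumably still be reported, so the comment could say this is a known limitation.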


@@ -0,0 +1,21 @@
/**
* Provides default sources, sinks and sanitizers for detecting
* improper LDAP authentication, as well as extension points for adding your own
*/
private import codeql.ruby.DataFlow
private import codeql.ruby.TaintTracking
private import ImproperLdapAuthCustomizations::ImproperLdapAuth
/**
* A taint-tracking configuration for detecting improper LDAP authentication vulnerabilities.
*/
class Configuration extends TaintTracking::Configuration {
Configuration() { this = "ImproperLdapAuth" }
override predicate isSource(DataFlow::Node source) { source instanceof Source }
override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
}
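Review bot: `Configuration` is written as a legacy `TaintTracking::Configuration` class, whereas the HMAC query added elsewhere in this change uses the module-based `DataFlow::ConfigSig` API. For consistency I would express this configuration the same way, with the sanitizer mapped to `isBarrier`. The `from`/`where` clause of `ImproperLdapAuth.ql` would have to follow, using the flow module's `PathNode` and `flowPath`. The file-level comment is also copied from the customizations file and should say that this file provides the taint-tracking configuration.
```ql
private module Config implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node source) { source instanceof Source }

  predicate isSink(DataFlow::Node sink) { sink instanceof Sink }

  predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
}

/** Taint-tracking flow for detecting improper LDAP authentication. */
module ImproperLdapAuthFlow = TaintTracking::Global<Config>;
```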


@@ -1,5 +1,5 @@
name: codeql/ruby-all
version: 0.7.3-dev
version: 0.7.4-dev
groups: ruby
extractor: ruby
dbscheme: ruby.dbscheme


@@ -1,3 +1,7 @@
## 0.7.3
No user-facing changes.
## 0.7.2
### New Queries


@@ -0,0 +1,4 @@
---
category: newQuery
---
* Added a new experimental query, `rb/improper-ldap-auth`, to detect cases where user input is used during LDAP authentication without proper validation or sanitization, potentially leading to authentication bypass.


@@ -0,0 +1,3 @@
## 0.7.3
No user-facing changes.


@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.7.2
lastReleaseVersion: 0.7.3


@@ -0,0 +1,45 @@
/**
* @name Unsafe HMAC Comparison
* @description An HMAC is being compared using the equality operator. This may be vulnerable to a cryptographic timing attack
* because the equality operation does not occur in constant time."
* @kind path-problem
* @problem.severity error
* @security-severity 6.0
* @precision high
* @id rb/unsafe-hmac-comparison
* @tags security
* external/cwe/cwe-208
*/
private import codeql.ruby.AST
private import codeql.ruby.DataFlow
private import codeql.ruby.ApiGraphs
private class OpenSslHmacSource extends DataFlow::Node {
OpenSslHmacSource() {
exists(API::Node hmacNode | hmacNode = API::getTopLevelMember("OpenSSL").getMember("HMAC") |
this = hmacNode.getAMethodCall(["hexdigest", "to_s", "digest", "base64digest"])
or
this = hmacNode.getAnInstantiation()
)
}
}
private module UnsafeHmacComparison {
private module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof OpenSslHmacSource }
// Holds if a given sink is an Equality Operation (== or !=)
predicate isSink(DataFlow::Node sink) {
any(EqualityOperation eqOp).getAnOperand() = sink.asExpr().getExpr()
}
}
import DataFlow::Global<Config>
}
private import UnsafeHmacComparison::PathGraph
from UnsafeHmacComparison::PathNode source, UnsafeHmacComparison::PathNode sink
where UnsafeHmacComparison::flowPath(source, sink)
select sink.getNode(), source, sink, "This comparison is potentially vulnerable to a timing attack."
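Review bot: The `this = hmacNode.getAnInstantiation()` branch of `OpenSslHmacSource` makes the HMAC object itself a source rather than its digest string. Because the configuration uses value flow (`DataFlow::Global`), a digest obtained from an instance (`OpenSSL::HMAC.new(key, 'sha256').hexdigest == given`) is probably not reached. Meanwhile `hmac_a == hmac_b` on two instances is flagged, even though recent versions of the openssl gem implement `OpenSSL::HMAC#==` with a fixed-length secure compare, if I recall correctly. That sits badly with `@precision high`. I would replace the branch with `this = hmacNode.getInstance().getAMethodCall(["hexdigest", "to_s", "digest", "base64digest"])`. The `@description` also ends with a stray `"` after "constant time.".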


@@ -0,0 +1,21 @@
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>
Using the `==` or `!=` operator to compare a known valid HMAC with a user-supplied HMAC digest could lead to a timing attack, as these operations do not occur in constant time.
</p>
</overview>
<recommendation>
<p>
Instead of using `==` or `!=` to compare a known valid HMAC with a user-supplied HMAC digest use Rack::Utils#secure_compare, ActiveSupport::SecurityUtils#secure_compare or OpenSSL.secure_compare
</p>
</recommendation>
<example>
<p>
In this example, the HMAC is validated using the `==` operation.
</p>
<sample src="./examples/unsafe_hmac_comparison.rb" />
</example>
</qhelp>


@@ -0,0 +1,11 @@
class UnsafeHmacComparison
def verify_hmac(host, hmac, salt)
sha1 = OpenSSL::Digest.new('sha1')
if OpenSSL::HMAC.digest(sha1, salt, host) == hmac
puts "HMAC verified"
else
puts "HMAC not verified"
end
end
end
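Review bot: The only sample shipped with the query shows the vulnerable `==` comparison, and nothing in the file marks it as the pattern to avoid. I would add a leading comment such as `# BAD: == does not compare in constant time`. I would also add a companion sample for the fix named in the qhelp, changing the condition to `if OpenSSL.secure_compare(OpenSSL::HMAC.digest(sha1, salt, host), hmac)`. Readers who copy from the help page then have a safe version to take.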


@@ -0,0 +1,39 @@
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>
If an LDAP connection uses user-supplied data as password, anonymous bind could be caused using an empty password
to result in a successful authentication.
</p>
</overview>
<recommendation>
<p>
Don't use user-supplied data as password while establishing an LDAP connection.
</p>
</recommendation>
<example>
<p>
In the following Rails example, an <code>ActionController</code> class
has a <code>ldap_handler</code> method to handle requests.
</p>
<p>
In the first example, the code builds a LDAP query whose authentication depends on user supplied data.
</p>
<sample src="examples/LdapAuthenticationBad.rb" />
<p>In the second example, the authentication is established using a default password.</p>
<sample src="examples/LdapAuthenticationGood.rb" />
</example>
<references>
<li>MITRE: <a href="https://cwe.mitre.org/data/definitions/287.html">CWE-287: Improper Authentication</a>.</li>
</references>
</qhelp>


@@ -0,0 +1,20 @@
/**
* @name Improper LDAP Authentication
* @description A user-controlled query carries no authentication
* @kind path-problem
* @problem.severity warning
* @id rb/improper-ldap-auth
* @tags security
* experimental
* external/cwe/cwe-287
*/
import codeql.ruby.DataFlow
import codeql.ruby.security.ImproperLdapAuthQuery
import codeql.ruby.Concepts
import DataFlow::PathGraph
from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "This LDAP authencation depends on a $@.", source.getNode(),
"user-provided value"
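Review bot: The alert message in the `select` clause misspells "authentication" and should read `"This LDAP authentication depends on a $@."`. Users see this string in every result. The `@description` ("A user-controlled query carries no authentication") also does not match what the query tracks, which is user input reaching the bind password. Something like `@description Using user-controlled data as the password of an LDAP bind may allow an unauthenticated bind when the value is empty.` would be closer. The metadata has no `@precision` either, unlike the HMAC query in this change.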


@@ -0,0 +1,16 @@
class FooController < ActionController::Base
def some_request_handler
pass = params[:pass]
ldap = Net::LDAP.new(
host: 'ldap.example.com',
port: 636,
encryption: :simple_tls,
auth: {
method: :simple,
username: 'uid=admin,dc=example,dc=com',
password: pass
}
)
ldap.bind
end
end


@@ -0,0 +1,16 @@
class FooController < ActionController::Base
def some_request_handler
pass = params[:pass]
ldap = Net::LDAP.new(
host: 'ldap.example.com',
port: 636,
encryption: :simple_tls,
auth: {
method: :simple,
username: 'uid=admin,dc=example,dc=com',
password: '$uper$password123'
}
)
ldap.bind
end
end
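Review bot: The sample presented as the good case embeds a literal bind password (`password: '$uper$password123'`), which replaces one weakness with a hard-coded credential that readers may copy. I would load it from configuration instead, for example `password: ENV.fetch('LDAP_BIND_PASSWORD')`, where the variable name is a placeholder. The line `pass = params[:pass]` is now unused and should be dropped. If the aim is to show how to authenticate a user safely, a variant that rejects a blank password before binding would illustrate the mitigation more directly.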


@@ -1,5 +1,5 @@
name: codeql/ruby-queries
version: 0.7.3-dev
version: 0.7.4-dev
groups:
- ruby
- queries


@@ -3,20 +3,6 @@
* See `shared/util/codeql/util/test/InlineExpectationsTest.qll`
*/
private import codeql.ruby.AST as R
private import codeql.util.test.InlineExpectationsTest
private module Impl implements InlineExpectationsTestSig {
private import codeql.ruby.ast.internal.TreeSitter
/**
* A class representing line comments in Ruby.
*/
class ExpectationComment extends Ruby::Comment {
string getContents() { result = this.getValue().suffix(1) }
}
class Location = R::Location;
}
private import internal.InlineExpectationsTestImpl
import Make<Impl>


@@ -1,96 +1,21 @@
/**
* Provides a simple base test for flow-related tests using inline expectations.
*
* Example for a test.ql:
* ```ql
* import TestUtilities.InlineFlowTest
* import DefaultFlowTest
* import PathGraph
*
* from PathNode source, PathNode sink
* where flowPath(source, sink)
* select sink, source, sink, "$@", source, source.toString()
* ```
*
* To declare expectations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files.
* Example of the corresponding test file, e.g. test.rb
* ```rb
* s = source(1)
* sink(s); // $ hasValueFlow=1
* t = "foo" + taint(2);
* sink(t); // $ hasTaintFlow=2
* ```
*
* If you are only interested in value flow, then instead of importing `DefaultFlowTest`, you can import
* `ValueFlowTest<DefaultFlowConfig>`. Similarly, if you are only interested in taint flow, then instead of
* importing `DefaultFlowTest`, you can import `TaintFlowTest<DefaultFlowConfig>`. In both cases
* `DefaultFlowConfig` can be replaced by another implementation of `DataFlow::ConfigSig`.
*
* If you need more fine-grained tuning, consider implementing a test using `InlineExpectationsTest`.
* Inline flow tests for Ruby.
* See `shared/util/codeql/dataflow/test/InlineFlowTest.qll`
*/
import codeql.ruby.AST
import codeql.ruby.DataFlow
import codeql.ruby.TaintTracking
import TestUtilities.InlineExpectationsTest
import TestUtilities.InlineFlowTestUtil
import ruby
private import codeql.dataflow.test.InlineFlowTest
private import codeql.ruby.dataflow.internal.DataFlowImplSpecific
private import codeql.ruby.dataflow.internal.TaintTrackingImplSpecific
private import internal.InlineExpectationsTestImpl
module DefaultFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { defaultSource(source) }
private module FlowTestImpl implements InputSig<RubyDataFlow> {
import TestUtilities.InlineFlowTestUtil
predicate isSink(DataFlow::Node sink) { defaultSink(sink) }
int fieldFlowBranchLimit() { result = 1000 }
}
private module NoFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { none() }
predicate isSink(DataFlow::Node sink) { none() }
}
module FlowTest<DataFlow::ConfigSig ValueFlowConfig, DataFlow::ConfigSig TaintFlowConfig> {
module ValueFlow = DataFlow::Global<ValueFlowConfig>;
module TaintFlow = TaintTracking::Global<TaintFlowConfig>;
private module InlineTest implements TestSig {
string getARelevantTag() { result = ["hasValueFlow", "hasTaintFlow"] }
predicate hasActualResult(Location location, string element, string tag, string value) {
tag = "hasValueFlow" and
exists(DataFlow::Node src, DataFlow::Node sink | ValueFlow::flow(src, sink) |
sink.getLocation() = location and
element = sink.toString() and
if exists(getSourceArgString(src)) then value = getSourceArgString(src) else value = ""
)
or
tag = "hasTaintFlow" and
exists(DataFlow::Node src, DataFlow::Node sink |
TaintFlow::flow(src, sink) and not ValueFlow::flow(src, sink)
|
sink.getLocation() = location and
element = sink.toString() and
if exists(getSourceArgString(src)) then value = getSourceArgString(src) else value = ""
)
}
}
import MakeTest<InlineTest>
import DataFlow::MergePathGraph<ValueFlow::PathNode, TaintFlow::PathNode, ValueFlow::PathGraph, TaintFlow::PathGraph>
predicate flowPath(PathNode source, PathNode sink) {
ValueFlow::flowPath(source.asPathNode1(), sink.asPathNode1()) or
TaintFlow::flowPath(source.asPathNode2(), sink.asPathNode2())
string getArgString(DataFlow::Node src, DataFlow::Node sink) {
(if exists(getSourceArgString(src)) then result = getSourceArgString(src) else result = "") and
exists(sink)
}
}
module DefaultFlowTest = FlowTest<DefaultFlowConfig, DefaultFlowConfig>;
module ValueFlowTest<DataFlow::ConfigSig ValueFlowConfig> {
import FlowTest<ValueFlowConfig, NoFlowConfig>
}
module TaintFlowTest<DataFlow::ConfigSig TaintFlowConfig> {
import FlowTest<NoFlowConfig, TaintFlowConfig>
}
import InlineFlowTestMake<RubyDataFlow, RubyTaintTracking, Impl, FlowTestImpl>


@@ -0,0 +1,15 @@
private import codeql.ruby.AST as R
private import codeql.util.test.InlineExpectationsTest
module Impl implements InlineExpectationsTestSig {
private import codeql.ruby.ast.internal.TreeSitter
/**
* A class representing line comments in Ruby.
*/
class ExpectationComment extends Ruby::Comment {
string getContents() { result = this.getValue().suffix(1) }
}
class Location = R::Location;
}


@@ -5,7 +5,7 @@
import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import DefaultFlowTest
import PathGraph
import ValueFlow::PathGraph
from ValueFlow::PathNode source, ValueFlow::PathNode sink
where ValueFlow::flowPath(source, sink)


@@ -1,336 +1,170 @@
failures
testFailures
edges
| call_sensitivity.rb:9:7:9:13 | call to taint | call_sensitivity.rb:9:6:9:14 | ( ... ) |
| call_sensitivity.rb:9:7:9:13 | call to taint | call_sensitivity.rb:9:6:9:14 | ( ... ) |
| call_sensitivity.rb:11:13:11:13 | x | call_sensitivity.rb:12:11:12:11 | x |
| call_sensitivity.rb:11:13:11:13 | x | call_sensitivity.rb:12:11:12:11 | x |
| call_sensitivity.rb:12:11:12:11 | x | call_sensitivity.rb:19:22:19:22 | x |
| call_sensitivity.rb:12:11:12:11 | x | call_sensitivity.rb:19:22:19:22 | x |
| call_sensitivity.rb:19:9:19:17 | ( ... ) | call_sensitivity.rb:11:13:11:13 | x |
| call_sensitivity.rb:19:9:19:17 | ( ... ) | call_sensitivity.rb:11:13:11:13 | x |
| call_sensitivity.rb:19:10:19:16 | call to taint | call_sensitivity.rb:19:9:19:17 | ( ... ) |
| call_sensitivity.rb:19:10:19:16 | call to taint | call_sensitivity.rb:19:9:19:17 | ( ... ) |
| call_sensitivity.rb:19:22:19:22 | x | call_sensitivity.rb:19:30:19:30 | x |
| call_sensitivity.rb:19:22:19:22 | x | call_sensitivity.rb:19:30:19:30 | x |
| call_sensitivity.rb:21:27:21:27 | x | call_sensitivity.rb:22:17:22:17 | x |
| call_sensitivity.rb:21:27:21:27 | x | call_sensitivity.rb:22:17:22:17 | x |
| call_sensitivity.rb:21:27:21:27 | x | call_sensitivity.rb:22:17:22:17 | x |
| call_sensitivity.rb:21:27:21:27 | x | call_sensitivity.rb:22:17:22:17 | x |
| call_sensitivity.rb:21:27:21:27 | x | call_sensitivity.rb:22:17:22:17 | x |
| call_sensitivity.rb:21:27:21:27 | x | call_sensitivity.rb:22:17:22:17 | x |
| call_sensitivity.rb:22:17:22:17 | x | call_sensitivity.rb:31:17:31:17 | x |
| call_sensitivity.rb:22:17:22:17 | x | call_sensitivity.rb:31:17:31:17 | x |
| call_sensitivity.rb:22:17:22:17 | x | call_sensitivity.rb:40:23:40:23 | x |
| call_sensitivity.rb:22:17:22:17 | x | call_sensitivity.rb:40:23:40:23 | x |
| call_sensitivity.rb:22:17:22:17 | x | call_sensitivity.rb:43:24:43:24 | x |
| call_sensitivity.rb:22:17:22:17 | x | call_sensitivity.rb:43:24:43:24 | x |
| call_sensitivity.rb:31:17:31:17 | x | call_sensitivity.rb:31:27:31:27 | x |
| call_sensitivity.rb:31:17:31:17 | x | call_sensitivity.rb:31:27:31:27 | x |
| call_sensitivity.rb:32:25:32:32 | call to taint | call_sensitivity.rb:21:27:21:27 | x |
| call_sensitivity.rb:32:25:32:32 | call to taint | call_sensitivity.rb:21:27:21:27 | x |
| call_sensitivity.rb:40:23:40:23 | x | call_sensitivity.rb:40:31:40:31 | x |
| call_sensitivity.rb:40:23:40:23 | x | call_sensitivity.rb:40:31:40:31 | x |
| call_sensitivity.rb:41:25:41:32 | call to taint | call_sensitivity.rb:21:27:21:27 | x |
| call_sensitivity.rb:41:25:41:32 | call to taint | call_sensitivity.rb:21:27:21:27 | x |
| call_sensitivity.rb:43:24:43:24 | x | call_sensitivity.rb:43:32:43:32 | x |
| call_sensitivity.rb:43:24:43:24 | x | call_sensitivity.rb:43:32:43:32 | x |
| call_sensitivity.rb:44:26:44:33 | call to taint | call_sensitivity.rb:21:27:21:27 | x |
| call_sensitivity.rb:44:26:44:33 | call to taint | call_sensitivity.rb:21:27:21:27 | x |
| call_sensitivity.rb:50:15:50:15 | x | call_sensitivity.rb:51:10:51:10 | x |
| call_sensitivity.rb:50:15:50:15 | x | call_sensitivity.rb:51:10:51:10 | x |
| call_sensitivity.rb:54:15:54:15 | x | call_sensitivity.rb:55:13:55:13 | x |
| call_sensitivity.rb:54:15:54:15 | x | call_sensitivity.rb:55:13:55:13 | x |
| call_sensitivity.rb:54:15:54:15 | x | call_sensitivity.rb:55:13:55:13 | x |
| call_sensitivity.rb:54:15:54:15 | x | call_sensitivity.rb:55:13:55:13 | x |
| call_sensitivity.rb:55:13:55:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:55:13:55:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:55:13:55:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:55:13:55:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:58:20:58:20 | x | call_sensitivity.rb:59:18:59:18 | x |
| call_sensitivity.rb:58:20:58:20 | x | call_sensitivity.rb:59:18:59:18 | x |
| call_sensitivity.rb:59:18:59:18 | x | call_sensitivity.rb:54:15:54:15 | x |
| call_sensitivity.rb:59:18:59:18 | x | call_sensitivity.rb:54:15:54:15 | x |
| call_sensitivity.rb:62:18:62:18 | y | call_sensitivity.rb:63:15:63:15 | y |
| call_sensitivity.rb:62:18:62:18 | y | call_sensitivity.rb:63:15:63:15 | y |
| call_sensitivity.rb:62:18:62:18 | y | call_sensitivity.rb:63:15:63:15 | y |
| call_sensitivity.rb:62:18:62:18 | y | call_sensitivity.rb:63:15:63:15 | y |
| call_sensitivity.rb:63:15:63:15 | y | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:63:15:63:15 | y | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:63:15:63:15 | y | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:63:15:63:15 | y | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:66:20:66:20 | x | call_sensitivity.rb:67:24:67:24 | x |
| call_sensitivity.rb:66:20:66:20 | x | call_sensitivity.rb:67:24:67:24 | x |
| call_sensitivity.rb:67:24:67:24 | x | call_sensitivity.rb:62:18:62:18 | y |
| call_sensitivity.rb:67:24:67:24 | x | call_sensitivity.rb:62:18:62:18 | y |
| call_sensitivity.rb:70:30:70:30 | x | call_sensitivity.rb:71:10:71:10 | x |
| call_sensitivity.rb:70:30:70:30 | x | call_sensitivity.rb:71:10:71:10 | x |
| call_sensitivity.rb:74:18:74:18 | y | call_sensitivity.rb:76:17:76:17 | y |
| call_sensitivity.rb:74:18:74:18 | y | call_sensitivity.rb:76:17:76:17 | y |
| call_sensitivity.rb:76:17:76:17 | y | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:76:17:76:17 | y | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:80:15:80:15 | x | call_sensitivity.rb:81:18:81:18 | x |
| call_sensitivity.rb:80:15:80:15 | x | call_sensitivity.rb:81:18:81:18 | x |
| call_sensitivity.rb:81:18:81:18 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:81:18:81:18 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:85:18:85:27 | ( ... ) | call_sensitivity.rb:80:15:80:15 | x |
| call_sensitivity.rb:85:18:85:27 | ( ... ) | call_sensitivity.rb:80:15:80:15 | x |
| call_sensitivity.rb:85:19:85:26 | call to taint | call_sensitivity.rb:85:18:85:27 | ( ... ) |
| call_sensitivity.rb:85:19:85:26 | call to taint | call_sensitivity.rb:85:18:85:27 | ( ... ) |
| call_sensitivity.rb:88:30:88:30 | x | call_sensitivity.rb:89:23:89:23 | x |
| call_sensitivity.rb:88:30:88:30 | x | call_sensitivity.rb:89:23:89:23 | x |
| call_sensitivity.rb:88:30:88:30 | x | call_sensitivity.rb:89:23:89:23 | x |
| call_sensitivity.rb:88:30:88:30 | x | call_sensitivity.rb:89:23:89:23 | x |
| call_sensitivity.rb:89:23:89:23 | x | call_sensitivity.rb:70:30:70:30 | x |
| call_sensitivity.rb:89:23:89:23 | x | call_sensitivity.rb:70:30:70:30 | x |
| call_sensitivity.rb:89:23:89:23 | x | call_sensitivity.rb:70:30:70:30 | x |
| call_sensitivity.rb:89:23:89:23 | x | call_sensitivity.rb:70:30:70:30 | x |
| call_sensitivity.rb:92:35:92:35 | x | call_sensitivity.rb:93:28:93:28 | x |
| call_sensitivity.rb:92:35:92:35 | x | call_sensitivity.rb:93:28:93:28 | x |
| call_sensitivity.rb:93:28:93:28 | x | call_sensitivity.rb:88:30:88:30 | x |
| call_sensitivity.rb:93:28:93:28 | x | call_sensitivity.rb:88:30:88:30 | x |
| call_sensitivity.rb:96:33:96:33 | y | call_sensitivity.rb:97:25:97:25 | y |
| call_sensitivity.rb:96:33:96:33 | y | call_sensitivity.rb:97:25:97:25 | y |
| call_sensitivity.rb:96:33:96:33 | y | call_sensitivity.rb:97:25:97:25 | y |
| call_sensitivity.rb:96:33:96:33 | y | call_sensitivity.rb:97:25:97:25 | y |
| call_sensitivity.rb:97:25:97:25 | y | call_sensitivity.rb:70:30:70:30 | x |
| call_sensitivity.rb:97:25:97:25 | y | call_sensitivity.rb:70:30:70:30 | x |
| call_sensitivity.rb:97:25:97:25 | y | call_sensitivity.rb:70:30:70:30 | x |
| call_sensitivity.rb:97:25:97:25 | y | call_sensitivity.rb:70:30:70:30 | x |
| call_sensitivity.rb:100:35:100:35 | x | call_sensitivity.rb:101:34:101:34 | x |
| call_sensitivity.rb:100:35:100:35 | x | call_sensitivity.rb:101:34:101:34 | x |
| call_sensitivity.rb:101:34:101:34 | x | call_sensitivity.rb:96:33:96:33 | y |
| call_sensitivity.rb:101:34:101:34 | x | call_sensitivity.rb:96:33:96:33 | y |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:105:10:105:10 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:105:10:105:10 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:105:10:105:10 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:105:10:105:10 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:105:10:105:10 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:105:10:105:10 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:105:10:105:10 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:105:10:105:10 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:106:13:106:13 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:106:13:106:13 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:106:13:106:13 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:106:13:106:13 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:106:13:106:13 | x |
| call_sensitivity.rb:104:18:104:18 | x | call_sensitivity.rb:106:13:106:13 | x |
| call_sensitivity.rb:106:13:106:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:106:13:106:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:106:13:106:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:106:13:106:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:106:13:106:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:106:13:106:13 | x | call_sensitivity.rb:50:15:50:15 | x |
| call_sensitivity.rb:109:21:109:21 | x | call_sensitivity.rb:110:9:110:9 | x |
| call_sensitivity.rb:109:21:109:21 | x | call_sensitivity.rb:110:9:110:9 | x |
| call_sensitivity.rb:110:9:110:9 | x | call_sensitivity.rb:104:18:104:18 | x |
| call_sensitivity.rb:110:9:110:9 | x | call_sensitivity.rb:104:18:104:18 | x |
| call_sensitivity.rb:114:11:114:20 | ( ... ) | call_sensitivity.rb:104:18:104:18 | x |
| call_sensitivity.rb:114:11:114:20 | ( ... ) | call_sensitivity.rb:104:18:104:18 | x |
| call_sensitivity.rb:114:12:114:19 | call to taint | call_sensitivity.rb:114:11:114:20 | ( ... ) |
| call_sensitivity.rb:114:12:114:19 | call to taint | call_sensitivity.rb:114:11:114:20 | ( ... ) |
| call_sensitivity.rb:115:11:115:18 | call to taint | call_sensitivity.rb:54:15:54:15 | x |
| call_sensitivity.rb:115:11:115:18 | call to taint | call_sensitivity.rb:54:15:54:15 | x |
| call_sensitivity.rb:116:16:116:23 | call to taint | call_sensitivity.rb:58:20:58:20 | x |
| call_sensitivity.rb:116:16:116:23 | call to taint | call_sensitivity.rb:58:20:58:20 | x |
| call_sensitivity.rb:117:14:117:22 | call to taint | call_sensitivity.rb:62:18:62:18 | y |
| call_sensitivity.rb:117:14:117:22 | call to taint | call_sensitivity.rb:62:18:62:18 | y |
| call_sensitivity.rb:118:16:118:24 | call to taint | call_sensitivity.rb:66:20:66:20 | x |
| call_sensitivity.rb:118:16:118:24 | call to taint | call_sensitivity.rb:66:20:66:20 | x |
| call_sensitivity.rb:119:14:119:22 | call to taint | call_sensitivity.rb:74:18:74:18 | y |
| call_sensitivity.rb:119:14:119:22 | call to taint | call_sensitivity.rb:74:18:74:18 | y |
| call_sensitivity.rb:121:21:121:28 | call to taint | call_sensitivity.rb:88:30:88:30 | x |
| call_sensitivity.rb:121:21:121:28 | call to taint | call_sensitivity.rb:88:30:88:30 | x |
| call_sensitivity.rb:122:26:122:33 | call to taint | call_sensitivity.rb:92:35:92:35 | x |
| call_sensitivity.rb:122:26:122:33 | call to taint | call_sensitivity.rb:92:35:92:35 | x |
| call_sensitivity.rb:123:24:123:32 | call to taint | call_sensitivity.rb:96:33:96:33 | y |
| call_sensitivity.rb:123:24:123:32 | call to taint | call_sensitivity.rb:96:33:96:33 | y |
| call_sensitivity.rb:124:26:124:33 | call to taint | call_sensitivity.rb:100:35:100:35 | x |
| call_sensitivity.rb:124:26:124:33 | call to taint | call_sensitivity.rb:100:35:100:35 | x |
| call_sensitivity.rb:125:12:125:19 | call to taint | call_sensitivity.rb:109:21:109:21 | x |
| call_sensitivity.rb:125:12:125:19 | call to taint | call_sensitivity.rb:109:21:109:21 | x |
| call_sensitivity.rb:166:14:166:22 | call to taint | call_sensitivity.rb:74:18:74:18 | y |
| call_sensitivity.rb:166:14:166:22 | call to taint | call_sensitivity.rb:74:18:74:18 | y |
| call_sensitivity.rb:174:19:174:19 | x | call_sensitivity.rb:175:12:175:12 | x |
| call_sensitivity.rb:174:19:174:19 | x | call_sensitivity.rb:175:12:175:12 | x |
| call_sensitivity.rb:175:12:175:12 | x | call_sensitivity.rb:104:18:104:18 | x |
| call_sensitivity.rb:175:12:175:12 | x | call_sensitivity.rb:104:18:104:18 | x |
| call_sensitivity.rb:178:11:178:19 | call to taint | call_sensitivity.rb:174:19:174:19 | x |
| call_sensitivity.rb:178:11:178:19 | call to taint | call_sensitivity.rb:174:19:174:19 | x |
| call_sensitivity.rb:187:11:187:20 | ( ... ) | call_sensitivity.rb:104:18:104:18 | x |
| call_sensitivity.rb:187:11:187:20 | ( ... ) | call_sensitivity.rb:104:18:104:18 | x |
| call_sensitivity.rb:187:12:187:19 | call to taint | call_sensitivity.rb:187:11:187:20 | ( ... ) |
| call_sensitivity.rb:187:12:187:19 | call to taint | call_sensitivity.rb:187:11:187:20 | ( ... ) |
nodes
| call_sensitivity.rb:9:6:9:14 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:9:6:9:14 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:9:7:9:13 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:9:7:9:13 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:11:13:11:13 | x | semmle.label | x |
| call_sensitivity.rb:11:13:11:13 | x | semmle.label | x |
| call_sensitivity.rb:12:11:12:11 | x | semmle.label | x |
| call_sensitivity.rb:12:11:12:11 | x | semmle.label | x |
| call_sensitivity.rb:19:9:19:17 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:19:9:19:17 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:19:10:19:16 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:19:10:19:16 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:19:22:19:22 | x | semmle.label | x |
| call_sensitivity.rb:19:22:19:22 | x | semmle.label | x |
| call_sensitivity.rb:19:30:19:30 | x | semmle.label | x |
| call_sensitivity.rb:19:30:19:30 | x | semmle.label | x |
| call_sensitivity.rb:21:27:21:27 | x | semmle.label | x |
| call_sensitivity.rb:21:27:21:27 | x | semmle.label | x |
| call_sensitivity.rb:21:27:21:27 | x | semmle.label | x |
| call_sensitivity.rb:21:27:21:27 | x | semmle.label | x |
| call_sensitivity.rb:21:27:21:27 | x | semmle.label | x |
| call_sensitivity.rb:21:27:21:27 | x | semmle.label | x |
| call_sensitivity.rb:22:17:22:17 | x | semmle.label | x |
| call_sensitivity.rb:22:17:22:17 | x | semmle.label | x |
| call_sensitivity.rb:22:17:22:17 | x | semmle.label | x |
| call_sensitivity.rb:22:17:22:17 | x | semmle.label | x |
| call_sensitivity.rb:22:17:22:17 | x | semmle.label | x |
| call_sensitivity.rb:22:17:22:17 | x | semmle.label | x |
| call_sensitivity.rb:31:17:31:17 | x | semmle.label | x |
| call_sensitivity.rb:31:17:31:17 | x | semmle.label | x |
| call_sensitivity.rb:31:27:31:27 | x | semmle.label | x |
| call_sensitivity.rb:31:27:31:27 | x | semmle.label | x |
| call_sensitivity.rb:32:25:32:32 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:32:25:32:32 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:40:23:40:23 | x | semmle.label | x |
| call_sensitivity.rb:40:23:40:23 | x | semmle.label | x |
| call_sensitivity.rb:40:31:40:31 | x | semmle.label | x |
| call_sensitivity.rb:40:31:40:31 | x | semmle.label | x |
| call_sensitivity.rb:41:25:41:32 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:41:25:41:32 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:43:24:43:24 | x | semmle.label | x |
| call_sensitivity.rb:43:24:43:24 | x | semmle.label | x |
| call_sensitivity.rb:43:32:43:32 | x | semmle.label | x |
| call_sensitivity.rb:43:32:43:32 | x | semmle.label | x |
| call_sensitivity.rb:44:26:44:33 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:44:26:44:33 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:50:15:50:15 | x | semmle.label | x |
| call_sensitivity.rb:50:15:50:15 | x | semmle.label | x |
| call_sensitivity.rb:51:10:51:10 | x | semmle.label | x |
| call_sensitivity.rb:51:10:51:10 | x | semmle.label | x |
| call_sensitivity.rb:54:15:54:15 | x | semmle.label | x |
| call_sensitivity.rb:54:15:54:15 | x | semmle.label | x |
| call_sensitivity.rb:54:15:54:15 | x | semmle.label | x |
| call_sensitivity.rb:54:15:54:15 | x | semmle.label | x |
| call_sensitivity.rb:55:13:55:13 | x | semmle.label | x |
| call_sensitivity.rb:55:13:55:13 | x | semmle.label | x |
| call_sensitivity.rb:55:13:55:13 | x | semmle.label | x |
| call_sensitivity.rb:55:13:55:13 | x | semmle.label | x |
| call_sensitivity.rb:58:20:58:20 | x | semmle.label | x |
| call_sensitivity.rb:58:20:58:20 | x | semmle.label | x |
| call_sensitivity.rb:59:18:59:18 | x | semmle.label | x |
| call_sensitivity.rb:59:18:59:18 | x | semmle.label | x |
| call_sensitivity.rb:62:18:62:18 | y | semmle.label | y |
| call_sensitivity.rb:62:18:62:18 | y | semmle.label | y |
| call_sensitivity.rb:62:18:62:18 | y | semmle.label | y |
| call_sensitivity.rb:62:18:62:18 | y | semmle.label | y |
| call_sensitivity.rb:63:15:63:15 | y | semmle.label | y |
| call_sensitivity.rb:63:15:63:15 | y | semmle.label | y |
| call_sensitivity.rb:63:15:63:15 | y | semmle.label | y |
| call_sensitivity.rb:63:15:63:15 | y | semmle.label | y |
| call_sensitivity.rb:66:20:66:20 | x | semmle.label | x |
| call_sensitivity.rb:66:20:66:20 | x | semmle.label | x |
| call_sensitivity.rb:67:24:67:24 | x | semmle.label | x |
| call_sensitivity.rb:67:24:67:24 | x | semmle.label | x |
| call_sensitivity.rb:70:30:70:30 | x | semmle.label | x |
| call_sensitivity.rb:70:30:70:30 | x | semmle.label | x |
| call_sensitivity.rb:71:10:71:10 | x | semmle.label | x |
| call_sensitivity.rb:71:10:71:10 | x | semmle.label | x |
| call_sensitivity.rb:74:18:74:18 | y | semmle.label | y |
| call_sensitivity.rb:74:18:74:18 | y | semmle.label | y |
| call_sensitivity.rb:76:17:76:17 | y | semmle.label | y |
| call_sensitivity.rb:76:17:76:17 | y | semmle.label | y |
| call_sensitivity.rb:80:15:80:15 | x | semmle.label | x |
| call_sensitivity.rb:80:15:80:15 | x | semmle.label | x |
| call_sensitivity.rb:81:18:81:18 | x | semmle.label | x |
| call_sensitivity.rb:81:18:81:18 | x | semmle.label | x |
| call_sensitivity.rb:85:18:85:27 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:85:18:85:27 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:85:19:85:26 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:85:19:85:26 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:88:30:88:30 | x | semmle.label | x |
| call_sensitivity.rb:88:30:88:30 | x | semmle.label | x |
| call_sensitivity.rb:88:30:88:30 | x | semmle.label | x |
| call_sensitivity.rb:88:30:88:30 | x | semmle.label | x |
| call_sensitivity.rb:89:23:89:23 | x | semmle.label | x |
| call_sensitivity.rb:89:23:89:23 | x | semmle.label | x |
| call_sensitivity.rb:89:23:89:23 | x | semmle.label | x |
| call_sensitivity.rb:89:23:89:23 | x | semmle.label | x |
| call_sensitivity.rb:92:35:92:35 | x | semmle.label | x |
| call_sensitivity.rb:92:35:92:35 | x | semmle.label | x |
| call_sensitivity.rb:93:28:93:28 | x | semmle.label | x |
| call_sensitivity.rb:93:28:93:28 | x | semmle.label | x |
| call_sensitivity.rb:96:33:96:33 | y | semmle.label | y |
| call_sensitivity.rb:96:33:96:33 | y | semmle.label | y |
| call_sensitivity.rb:96:33:96:33 | y | semmle.label | y |
| call_sensitivity.rb:96:33:96:33 | y | semmle.label | y |
| call_sensitivity.rb:97:25:97:25 | y | semmle.label | y |
| call_sensitivity.rb:97:25:97:25 | y | semmle.label | y |
| call_sensitivity.rb:97:25:97:25 | y | semmle.label | y |
| call_sensitivity.rb:97:25:97:25 | y | semmle.label | y |
| call_sensitivity.rb:100:35:100:35 | x | semmle.label | x |
| call_sensitivity.rb:100:35:100:35 | x | semmle.label | x |
| call_sensitivity.rb:101:34:101:34 | x | semmle.label | x |
| call_sensitivity.rb:101:34:101:34 | x | semmle.label | x |
| call_sensitivity.rb:104:18:104:18 | x | semmle.label | x |
| call_sensitivity.rb:104:18:104:18 | x | semmle.label | x |
| call_sensitivity.rb:104:18:104:18 | x | semmle.label | x |
| call_sensitivity.rb:104:18:104:18 | x | semmle.label | x |
| call_sensitivity.rb:104:18:104:18 | x | semmle.label | x |
| call_sensitivity.rb:104:18:104:18 | x | semmle.label | x |
| call_sensitivity.rb:104:18:104:18 | x | semmle.label | x |
| call_sensitivity.rb:104:18:104:18 | x | semmle.label | x |
| call_sensitivity.rb:105:10:105:10 | x | semmle.label | x |
| call_sensitivity.rb:105:10:105:10 | x | semmle.label | x |
| call_sensitivity.rb:106:13:106:13 | x | semmle.label | x |
| call_sensitivity.rb:106:13:106:13 | x | semmle.label | x |
| call_sensitivity.rb:106:13:106:13 | x | semmle.label | x |
| call_sensitivity.rb:106:13:106:13 | x | semmle.label | x |
| call_sensitivity.rb:106:13:106:13 | x | semmle.label | x |
| call_sensitivity.rb:106:13:106:13 | x | semmle.label | x |
| call_sensitivity.rb:109:21:109:21 | x | semmle.label | x |
| call_sensitivity.rb:109:21:109:21 | x | semmle.label | x |
| call_sensitivity.rb:110:9:110:9 | x | semmle.label | x |
| call_sensitivity.rb:110:9:110:9 | x | semmle.label | x |
| call_sensitivity.rb:114:11:114:20 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:114:11:114:20 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:114:12:114:19 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:114:12:114:19 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:115:11:115:18 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:115:11:115:18 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:116:16:116:23 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:116:16:116:23 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:117:14:117:22 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:117:14:117:22 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:118:16:118:24 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:118:16:118:24 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:119:14:119:22 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:119:14:119:22 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:121:21:121:28 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:121:21:121:28 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:122:26:122:33 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:122:26:122:33 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:123:24:123:32 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:123:24:123:32 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:124:26:124:33 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:124:26:124:33 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:125:12:125:19 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:125:12:125:19 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:166:14:166:22 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:166:14:166:22 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:174:19:174:19 | x | semmle.label | x |
| call_sensitivity.rb:174:19:174:19 | x | semmle.label | x |
| call_sensitivity.rb:175:12:175:12 | x | semmle.label | x |
| call_sensitivity.rb:175:12:175:12 | x | semmle.label | x |
| call_sensitivity.rb:178:11:178:19 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:178:11:178:19 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:187:11:187:20 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:187:11:187:20 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:187:12:187:19 | call to taint | semmle.label | call to taint |
| call_sensitivity.rb:187:12:187:19 | call to taint | semmle.label | call to taint |
subpaths
#select


@@ -6,7 +6,7 @@ import codeql.ruby.AST
import codeql.ruby.DataFlow
import TestUtilities.InlineFlowTest
import DefaultFlowTest
import PathGraph
import TaintFlow::PathGraph
import codeql.ruby.dataflow.internal.DataFlowDispatch as DataFlowDispatch
query predicate mayBenefitFromCallContext = DataFlowDispatch::mayBenefitFromCallContext/2;


@@ -1,4 +1,3 @@
failures
testFailures
edges
| semantics.rb:2:5:2:5 | a | semantics.rb:3:9:3:9 | a |


@@ -1,89 +1,47 @@
failures
testFailures
edges
| captured_variables.rb:1:24:1:24 | x | captured_variables.rb:2:20:2:20 | x |
| captured_variables.rb:1:24:1:24 | x | captured_variables.rb:2:20:2:20 | x |
| captured_variables.rb:5:20:5:30 | call to source | captured_variables.rb:1:24:1:24 | x |
| captured_variables.rb:5:20:5:30 | call to source | captured_variables.rb:1:24:1:24 | x |
| captured_variables.rb:21:33:21:33 | x | captured_variables.rb:23:14:23:14 | x |
| captured_variables.rb:21:33:21:33 | x | captured_variables.rb:23:14:23:14 | x |
| captured_variables.rb:27:29:27:39 | call to source | captured_variables.rb:21:33:21:33 | x |
| captured_variables.rb:27:29:27:39 | call to source | captured_variables.rb:21:33:21:33 | x |
| captured_variables.rb:32:31:32:31 | x | captured_variables.rb:34:14:34:14 | x |
| captured_variables.rb:32:31:32:31 | x | captured_variables.rb:34:14:34:14 | x |
| captured_variables.rb:38:27:38:37 | call to source | captured_variables.rb:32:31:32:31 | x |
| captured_variables.rb:38:27:38:37 | call to source | captured_variables.rb:32:31:32:31 | x |
| instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:18:11:18 | x |
| instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:18:11:18 | x |
| instance_variables.rb:11:18:11:18 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] |
| instance_variables.rb:11:18:11:18 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] |
| instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:16:14:21 | self [@field] |
| instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:16:14:21 | self [@field] |
| instance_variables.rb:14:16:14:21 | @field | instance_variables.rb:14:9:14:21 | return |
| instance_variables.rb:14:16:14:21 | @field | instance_variables.rb:14:9:14:21 | return |
| instance_variables.rb:14:16:14:21 | self [@field] | instance_variables.rb:14:16:14:21 | @field |
| instance_variables.rb:14:16:14:21 | self [@field] | instance_variables.rb:14:16:14:21 | @field |
| instance_variables.rb:16:5:18:7 | self in inc_field [@field] | instance_variables.rb:17:9:17:14 | [post] self [@field] |
| instance_variables.rb:17:9:17:14 | [post] self [@field] | instance_variables.rb:17:9:17:14 | [post] self [@field] |
| instance_variables.rb:19:5:19:8 | [post] self [@foo] | instance_variables.rb:20:10:20:13 | self [@foo] |
| instance_variables.rb:19:5:19:8 | [post] self [@foo] | instance_variables.rb:20:10:20:13 | self [@foo] |
| instance_variables.rb:19:12:19:21 | call to taint | instance_variables.rb:19:5:19:8 | [post] self [@foo] |
| instance_variables.rb:19:12:19:21 | call to taint | instance_variables.rb:19:5:19:8 | [post] self [@foo] |
| instance_variables.rb:20:10:20:13 | self [@foo] | instance_variables.rb:20:10:20:13 | @foo |
| instance_variables.rb:20:10:20:13 | self [@foo] | instance_variables.rb:20:10:20:13 | @foo |
| instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:18:23:22 | field |
| instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:18:23:22 | field |
| instance_variables.rb:23:18:23:22 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] |
| instance_variables.rb:23:18:23:22 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] |
| instance_variables.rb:24:9:24:17 | call to taint | instance_variables.rb:28:9:28:25 | call to initialize |
| instance_variables.rb:24:9:24:17 | call to taint | instance_variables.rb:28:9:28:25 | call to initialize |
| instance_variables.rb:27:25:27:29 | field | instance_variables.rb:28:20:28:24 | field |
| instance_variables.rb:27:25:27:29 | field | instance_variables.rb:28:20:28:24 | field |
| instance_variables.rb:28:9:28:25 | call to initialize | instance_variables.rb:119:6:119:37 | call to call_initialize |
| instance_variables.rb:28:9:28:25 | call to initialize | instance_variables.rb:119:6:119:37 | call to call_initialize |
| instance_variables.rb:28:20:28:24 | field | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:28:20:28:24 | field | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:28:20:28:24 | field | instance_variables.rb:28:9:28:25 | [post] self [@field] |
| instance_variables.rb:28:20:28:24 | field | instance_variables.rb:28:9:28:25 | [post] self [@field] |
| instance_variables.rb:31:18:31:18 | x | instance_variables.rb:33:13:33:13 | x |
| instance_variables.rb:31:18:31:18 | x | instance_variables.rb:33:13:33:13 | x |
| instance_variables.rb:32:13:32:21 | call to taint | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:32:13:32:21 | call to taint | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:32:13:32:21 | call to taint | instance_variables.rb:48:20:48:20 | x |
| instance_variables.rb:32:13:32:21 | call to taint | instance_variables.rb:48:20:48:20 | x |
| instance_variables.rb:33:13:33:13 | x | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:33:13:33:13 | x | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:33:13:33:13 | x | instance_variables.rb:33:9:33:14 | call to new [@field] |
| instance_variables.rb:33:13:33:13 | x | instance_variables.rb:33:9:33:14 | call to new [@field] |
| instance_variables.rb:36:10:36:23 | call to new [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:36:10:36:23 | call to new [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:36:10:36:23 | call to new [@field] | instance_variables.rb:36:10:36:33 | call to get_field |
| instance_variables.rb:36:10:36:23 | call to new [@field] | instance_variables.rb:36:10:36:33 | call to get_field |
| instance_variables.rb:36:14:36:22 | call to taint | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:36:14:36:22 | call to taint | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:36:14:36:22 | call to taint | instance_variables.rb:36:10:36:23 | call to new [@field] |
| instance_variables.rb:36:14:36:22 | call to taint | instance_variables.rb:36:10:36:23 | call to new [@field] |
| instance_variables.rb:39:6:39:23 | call to bar [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:39:6:39:23 | call to bar [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:39:6:39:23 | call to bar [@field] | instance_variables.rb:39:6:39:33 | call to get_field |
| instance_variables.rb:39:6:39:23 | call to bar [@field] | instance_variables.rb:39:6:39:33 | call to get_field |
| instance_variables.rb:39:14:39:22 | call to taint | instance_variables.rb:31:18:31:18 | x |
| instance_variables.rb:39:14:39:22 | call to taint | instance_variables.rb:31:18:31:18 | x |
| instance_variables.rb:39:14:39:22 | call to taint | instance_variables.rb:39:6:39:23 | call to bar [@field] |
| instance_variables.rb:39:14:39:22 | call to taint | instance_variables.rb:39:6:39:23 | call to bar [@field] |
| instance_variables.rb:43:9:43:17 | call to taint | instance_variables.rb:121:7:121:24 | call to new |
| instance_variables.rb:43:9:43:17 | call to taint | instance_variables.rb:121:7:121:24 | call to new |
| instance_variables.rb:48:20:48:20 | x | instance_variables.rb:49:14:49:14 | x |
| instance_variables.rb:48:20:48:20 | x | instance_variables.rb:49:14:49:14 | x |
| instance_variables.rb:54:1:54:3 | [post] foo [@field] | instance_variables.rb:55:6:55:8 | foo [@field] |
| instance_variables.rb:54:1:54:3 | [post] foo [@field] | instance_variables.rb:55:6:55:8 | foo [@field] |
| instance_variables.rb:54:15:54:23 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:54:15:54:23 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:54:15:54:23 | call to taint | instance_variables.rb:54:1:54:3 | [post] foo [@field] |
| instance_variables.rb:54:15:54:23 | call to taint | instance_variables.rb:54:1:54:3 | [post] foo [@field] |
| instance_variables.rb:55:6:55:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:55:6:55:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:55:6:55:8 | foo [@field] | instance_variables.rb:55:6:55:18 | call to get_field |
| instance_variables.rb:55:6:55:8 | foo [@field] | instance_variables.rb:55:6:55:18 | call to get_field |
| instance_variables.rb:58:1:58:3 | [post] bar [@field] | instance_variables.rb:59:6:59:8 | bar [@field] |
| instance_variables.rb:58:15:58:22 | call to taint | instance_variables.rb:10:19:10:19 | x |
@@ -91,437 +49,226 @@ edges
| instance_variables.rb:59:6:59:8 | bar [@field] | instance_variables.rb:16:5:18:7 | self in inc_field [@field] |
| instance_variables.rb:59:6:59:8 | bar [@field] | instance_variables.rb:59:6:59:18 | call to inc_field |
| instance_variables.rb:62:1:62:4 | [post] foo1 [@field] | instance_variables.rb:63:6:63:9 | foo1 [@field] |
| instance_variables.rb:62:1:62:4 | [post] foo1 [@field] | instance_variables.rb:63:6:63:9 | foo1 [@field] |
| instance_variables.rb:62:14:62:22 | call to taint | instance_variables.rb:62:1:62:4 | [post] foo1 [@field] |
| instance_variables.rb:62:14:62:22 | call to taint | instance_variables.rb:62:1:62:4 | [post] foo1 [@field] |
| instance_variables.rb:63:6:63:9 | foo1 [@field] | instance_variables.rb:63:6:63:15 | call to field |
| instance_variables.rb:63:6:63:9 | foo1 [@field] | instance_variables.rb:63:6:63:15 | call to field |
| instance_variables.rb:66:1:66:4 | [post] foo2 [@field] | instance_variables.rb:67:6:67:9 | foo2 [@field] |
| instance_variables.rb:66:1:66:4 | [post] foo2 [@field] | instance_variables.rb:67:6:67:9 | foo2 [@field] |
| instance_variables.rb:66:14:66:22 | call to taint | instance_variables.rb:66:1:66:4 | [post] foo2 [@field] |
| instance_variables.rb:66:14:66:22 | call to taint | instance_variables.rb:66:1:66:4 | [post] foo2 [@field] |
| instance_variables.rb:67:6:67:9 | foo2 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:67:6:67:9 | foo2 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:67:6:67:9 | foo2 [@field] | instance_variables.rb:67:6:67:19 | call to get_field |
| instance_variables.rb:67:6:67:9 | foo2 [@field] | instance_variables.rb:67:6:67:19 | call to get_field |
| instance_variables.rb:70:1:70:4 | [post] foo3 [@field] | instance_variables.rb:71:6:71:9 | foo3 [@field] |
| instance_variables.rb:70:1:70:4 | [post] foo3 [@field] | instance_variables.rb:71:6:71:9 | foo3 [@field] |
| instance_variables.rb:70:1:70:4 | [post] foo3 [@field] | instance_variables.rb:83:6:83:9 | foo3 [@field] |
| instance_variables.rb:70:1:70:4 | [post] foo3 [@field] | instance_variables.rb:83:6:83:9 | foo3 [@field] |
| instance_variables.rb:70:16:70:24 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:70:16:70:24 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:70:16:70:24 | call to taint | instance_variables.rb:70:1:70:4 | [post] foo3 [@field] |
| instance_variables.rb:70:16:70:24 | call to taint | instance_variables.rb:70:1:70:4 | [post] foo3 [@field] |
| instance_variables.rb:71:6:71:9 | foo3 [@field] | instance_variables.rb:71:6:71:15 | call to field |
| instance_variables.rb:71:6:71:9 | foo3 [@field] | instance_variables.rb:71:6:71:15 | call to field |
| instance_variables.rb:78:2:78:5 | [post] foo5 [@field] | instance_variables.rb:79:6:79:9 | foo5 [@field] |
| instance_variables.rb:78:2:78:5 | [post] foo5 [@field] | instance_variables.rb:79:6:79:9 | foo5 [@field] |
| instance_variables.rb:78:2:78:5 | [post] foo5 [@field] | instance_variables.rb:84:6:84:9 | foo5 [@field] |
| instance_variables.rb:78:2:78:5 | [post] foo5 [@field] | instance_variables.rb:84:6:84:9 | foo5 [@field] |
| instance_variables.rb:78:18:78:26 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:78:18:78:26 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:78:18:78:26 | call to taint | instance_variables.rb:78:2:78:5 | [post] foo5 [@field] |
| instance_variables.rb:78:18:78:26 | call to taint | instance_variables.rb:78:2:78:5 | [post] foo5 [@field] |
| instance_variables.rb:79:6:79:9 | foo5 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:79:6:79:9 | foo5 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:79:6:79:9 | foo5 [@field] | instance_variables.rb:79:6:79:19 | call to get_field |
| instance_variables.rb:79:6:79:9 | foo5 [@field] | instance_variables.rb:79:6:79:19 | call to get_field |
| instance_variables.rb:82:15:82:18 | [post] foo6 [@field] | instance_variables.rb:85:6:85:9 | foo6 [@field] |
| instance_variables.rb:82:15:82:18 | [post] foo6 [@field] | instance_variables.rb:85:6:85:9 | foo6 [@field] |
| instance_variables.rb:82:32:82:40 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:82:32:82:40 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:82:32:82:40 | call to taint | instance_variables.rb:82:15:82:18 | [post] foo6 [@field] |
| instance_variables.rb:82:32:82:40 | call to taint | instance_variables.rb:82:15:82:18 | [post] foo6 [@field] |
| instance_variables.rb:83:6:83:9 | foo3 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:83:6:83:9 | foo3 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:83:6:83:9 | foo3 [@field] | instance_variables.rb:83:6:83:19 | call to get_field |
| instance_variables.rb:83:6:83:9 | foo3 [@field] | instance_variables.rb:83:6:83:19 | call to get_field |
| instance_variables.rb:84:6:84:9 | foo5 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:84:6:84:9 | foo5 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:84:6:84:9 | foo5 [@field] | instance_variables.rb:84:6:84:19 | call to get_field |
| instance_variables.rb:84:6:84:9 | foo5 [@field] | instance_variables.rb:84:6:84:19 | call to get_field |
| instance_variables.rb:85:6:85:9 | foo6 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:85:6:85:9 | foo6 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:85:6:85:9 | foo6 [@field] | instance_variables.rb:85:6:85:19 | call to get_field |
| instance_variables.rb:85:6:85:9 | foo6 [@field] | instance_variables.rb:85:6:85:19 | call to get_field |
| instance_variables.rb:89:15:89:18 | [post] foo7 [@field] | instance_variables.rb:90:6:90:9 | foo7 [@field] |
| instance_variables.rb:89:15:89:18 | [post] foo7 [@field] | instance_variables.rb:90:6:90:9 | foo7 [@field] |
| instance_variables.rb:89:25:89:28 | [post] foo8 [@field] | instance_variables.rb:91:6:91:9 | foo8 [@field] |
| instance_variables.rb:89:25:89:28 | [post] foo8 [@field] | instance_variables.rb:91:6:91:9 | foo8 [@field] |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:89:15:89:18 | [post] foo7 [@field] |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:89:15:89:18 | [post] foo7 [@field] |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:89:25:89:28 | [post] foo8 [@field] |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:89:25:89:28 | [post] foo8 [@field] |
| instance_variables.rb:90:6:90:9 | foo7 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:90:6:90:9 | foo7 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:90:6:90:9 | foo7 [@field] | instance_variables.rb:90:6:90:19 | call to get_field |
| instance_variables.rb:90:6:90:9 | foo7 [@field] | instance_variables.rb:90:6:90:19 | call to get_field |
| instance_variables.rb:91:6:91:9 | foo8 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:91:6:91:9 | foo8 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:91:6:91:9 | foo8 [@field] | instance_variables.rb:91:6:91:19 | call to get_field |
| instance_variables.rb:91:6:91:9 | foo8 [@field] | instance_variables.rb:91:6:91:19 | call to get_field |
| instance_variables.rb:95:22:95:25 | [post] foo9 [@field] | instance_variables.rb:96:6:96:9 | foo9 [@field] |
| instance_variables.rb:95:22:95:25 | [post] foo9 [@field] | instance_variables.rb:96:6:96:9 | foo9 [@field] |
| instance_variables.rb:95:32:95:36 | [post] foo10 [@field] | instance_variables.rb:97:6:97:10 | foo10 [@field] |
| instance_variables.rb:95:32:95:36 | [post] foo10 [@field] | instance_variables.rb:97:6:97:10 | foo10 [@field] |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:95:22:95:25 | [post] foo9 [@field] |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:95:22:95:25 | [post] foo9 [@field] |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:95:32:95:36 | [post] foo10 [@field] |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:95:32:95:36 | [post] foo10 [@field] |
| instance_variables.rb:96:6:96:9 | foo9 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:96:6:96:9 | foo9 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:96:6:96:9 | foo9 [@field] | instance_variables.rb:96:6:96:19 | call to get_field |
| instance_variables.rb:96:6:96:9 | foo9 [@field] | instance_variables.rb:96:6:96:19 | call to get_field |
| instance_variables.rb:97:6:97:10 | foo10 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:97:6:97:10 | foo10 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:97:6:97:10 | foo10 [@field] | instance_variables.rb:97:6:97:20 | call to get_field |
| instance_variables.rb:97:6:97:10 | foo10 [@field] | instance_variables.rb:97:6:97:20 | call to get_field |
| instance_variables.rb:100:5:100:5 | [post] x [@field] | instance_variables.rb:104:14:104:18 | [post] foo11 [@field] |
| instance_variables.rb:100:5:100:5 | [post] x [@field] | instance_variables.rb:104:14:104:18 | [post] foo11 [@field] |
| instance_variables.rb:100:5:100:5 | [post] x [@field] | instance_variables.rb:108:15:108:19 | [post] foo12 [@field] |
| instance_variables.rb:100:5:100:5 | [post] x [@field] | instance_variables.rb:108:15:108:19 | [post] foo12 [@field] |
| instance_variables.rb:100:5:100:5 | [post] x [@field] | instance_variables.rb:113:22:113:26 | [post] foo13 [@field] |
| instance_variables.rb:100:5:100:5 | [post] x [@field] | instance_variables.rb:113:22:113:26 | [post] foo13 [@field] |
| instance_variables.rb:100:17:100:25 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:100:17:100:25 | call to taint | instance_variables.rb:10:19:10:19 | x |
| instance_variables.rb:100:17:100:25 | call to taint | instance_variables.rb:100:5:100:5 | [post] x [@field] |
| instance_variables.rb:100:17:100:25 | call to taint | instance_variables.rb:100:5:100:5 | [post] x [@field] |
| instance_variables.rb:104:14:104:18 | [post] foo11 [@field] | instance_variables.rb:105:6:105:10 | foo11 [@field] |
| instance_variables.rb:104:14:104:18 | [post] foo11 [@field] | instance_variables.rb:105:6:105:10 | foo11 [@field] |
| instance_variables.rb:105:6:105:10 | foo11 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:105:6:105:10 | foo11 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:105:6:105:10 | foo11 [@field] | instance_variables.rb:105:6:105:20 | call to get_field |
| instance_variables.rb:105:6:105:10 | foo11 [@field] | instance_variables.rb:105:6:105:20 | call to get_field |
| instance_variables.rb:108:15:108:19 | [post] foo12 [@field] | instance_variables.rb:109:6:109:10 | foo12 [@field] |
| instance_variables.rb:108:15:108:19 | [post] foo12 [@field] | instance_variables.rb:109:6:109:10 | foo12 [@field] |
| instance_variables.rb:109:6:109:10 | foo12 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:109:6:109:10 | foo12 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:109:6:109:10 | foo12 [@field] | instance_variables.rb:109:6:109:20 | call to get_field |
| instance_variables.rb:109:6:109:10 | foo12 [@field] | instance_variables.rb:109:6:109:20 | call to get_field |
| instance_variables.rb:113:22:113:26 | [post] foo13 [@field] | instance_variables.rb:114:6:114:10 | foo13 [@field] |
| instance_variables.rb:113:22:113:26 | [post] foo13 [@field] | instance_variables.rb:114:6:114:10 | foo13 [@field] |
| instance_variables.rb:114:6:114:10 | foo13 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:114:6:114:10 | foo13 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:114:6:114:10 | foo13 [@field] | instance_variables.rb:114:6:114:20 | call to get_field |
| instance_variables.rb:114:6:114:10 | foo13 [@field] | instance_variables.rb:114:6:114:20 | call to get_field |
| instance_variables.rb:116:1:116:5 | foo15 [@field] | instance_variables.rb:117:6:117:10 | foo15 [@field] |
| instance_variables.rb:116:1:116:5 | foo15 [@field] | instance_variables.rb:117:6:117:10 | foo15 [@field] |
| instance_variables.rb:116:9:116:26 | call to new [@field] | instance_variables.rb:116:1:116:5 | foo15 [@field] |
| instance_variables.rb:116:9:116:26 | call to new [@field] | instance_variables.rb:116:1:116:5 | foo15 [@field] |
| instance_variables.rb:116:17:116:25 | call to taint | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:116:17:116:25 | call to taint | instance_variables.rb:22:20:22:24 | field |
| instance_variables.rb:116:17:116:25 | call to taint | instance_variables.rb:116:9:116:26 | call to new [@field] |
| instance_variables.rb:116:17:116:25 | call to taint | instance_variables.rb:116:9:116:26 | call to new [@field] |
| instance_variables.rb:117:6:117:10 | foo15 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:117:6:117:10 | foo15 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:117:6:117:10 | foo15 [@field] | instance_variables.rb:117:6:117:20 | call to get_field |
| instance_variables.rb:117:6:117:10 | foo15 [@field] | instance_variables.rb:117:6:117:20 | call to get_field |
| instance_variables.rb:119:6:119:10 | [post] foo16 [@field] | instance_variables.rb:120:6:120:10 | foo16 [@field] |
| instance_variables.rb:119:6:119:10 | [post] foo16 [@field] | instance_variables.rb:120:6:120:10 | foo16 [@field] |
| instance_variables.rb:119:28:119:36 | call to taint | instance_variables.rb:27:25:27:29 | field |
| instance_variables.rb:119:28:119:36 | call to taint | instance_variables.rb:27:25:27:29 | field |
| instance_variables.rb:119:28:119:36 | call to taint | instance_variables.rb:119:6:119:10 | [post] foo16 [@field] |
| instance_variables.rb:119:28:119:36 | call to taint | instance_variables.rb:119:6:119:10 | [post] foo16 [@field] |
| instance_variables.rb:120:6:120:10 | foo16 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:120:6:120:10 | foo16 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] |
| instance_variables.rb:120:6:120:10 | foo16 [@field] | instance_variables.rb:120:6:120:20 | call to get_field |
| instance_variables.rb:120:6:120:10 | foo16 [@field] | instance_variables.rb:120:6:120:20 | call to get_field |
| instance_variables.rb:121:1:121:3 | bar | instance_variables.rb:122:6:122:8 | bar |
| instance_variables.rb:121:1:121:3 | bar | instance_variables.rb:122:6:122:8 | bar |
| instance_variables.rb:121:7:121:24 | call to new | instance_variables.rb:121:1:121:3 | bar |
| instance_variables.rb:121:7:121:24 | call to new | instance_variables.rb:121:1:121:3 | bar |
nodes
| captured_variables.rb:1:24:1:24 | x | semmle.label | x |
| captured_variables.rb:1:24:1:24 | x | semmle.label | x |
| captured_variables.rb:2:20:2:20 | x | semmle.label | x |
| captured_variables.rb:2:20:2:20 | x | semmle.label | x |
| captured_variables.rb:5:20:5:30 | call to source | semmle.label | call to source |
| captured_variables.rb:5:20:5:30 | call to source | semmle.label | call to source |
| captured_variables.rb:21:33:21:33 | x | semmle.label | x |
| captured_variables.rb:21:33:21:33 | x | semmle.label | x |
| captured_variables.rb:23:14:23:14 | x | semmle.label | x |
| captured_variables.rb:23:14:23:14 | x | semmle.label | x |
| captured_variables.rb:27:29:27:39 | call to source | semmle.label | call to source |
| captured_variables.rb:27:29:27:39 | call to source | semmle.label | call to source |
| captured_variables.rb:32:31:32:31 | x | semmle.label | x |
| captured_variables.rb:32:31:32:31 | x | semmle.label | x |
| captured_variables.rb:34:14:34:14 | x | semmle.label | x |
| captured_variables.rb:34:14:34:14 | x | semmle.label | x |
| captured_variables.rb:38:27:38:37 | call to source | semmle.label | call to source |
| captured_variables.rb:38:27:38:37 | call to source | semmle.label | call to source |
| instance_variables.rb:10:19:10:19 | x | semmle.label | x |
| instance_variables.rb:10:19:10:19 | x | semmle.label | x |
| instance_variables.rb:11:9:11:14 | [post] self [@field] | semmle.label | [post] self [@field] |
| instance_variables.rb:11:9:11:14 | [post] self [@field] | semmle.label | [post] self [@field] |
| instance_variables.rb:11:18:11:18 | x | semmle.label | x |
| instance_variables.rb:11:18:11:18 | x | semmle.label | x |
| instance_variables.rb:13:5:15:7 | self in get_field [@field] | semmle.label | self in get_field [@field] |
| instance_variables.rb:13:5:15:7 | self in get_field [@field] | semmle.label | self in get_field [@field] |
| instance_variables.rb:14:9:14:21 | return | semmle.label | return |
| instance_variables.rb:14:9:14:21 | return | semmle.label | return |
| instance_variables.rb:14:16:14:21 | @field | semmle.label | @field |
| instance_variables.rb:14:16:14:21 | @field | semmle.label | @field |
| instance_variables.rb:14:16:14:21 | self [@field] | semmle.label | self [@field] |
| instance_variables.rb:14:16:14:21 | self [@field] | semmle.label | self [@field] |
| instance_variables.rb:16:5:18:7 | self in inc_field [@field] | semmle.label | self in inc_field [@field] |
| instance_variables.rb:17:9:17:14 | [post] self [@field] | semmle.label | [post] self [@field] |
| instance_variables.rb:19:5:19:8 | [post] self [@foo] | semmle.label | [post] self [@foo] |
| instance_variables.rb:19:5:19:8 | [post] self [@foo] | semmle.label | [post] self [@foo] |
| instance_variables.rb:19:12:19:21 | call to taint | semmle.label | call to taint |
| instance_variables.rb:19:12:19:21 | call to taint | semmle.label | call to taint |
| instance_variables.rb:20:10:20:13 | @foo | semmle.label | @foo |
| instance_variables.rb:20:10:20:13 | @foo | semmle.label | @foo |
| instance_variables.rb:20:10:20:13 | self [@foo] | semmle.label | self [@foo] |
| instance_variables.rb:20:10:20:13 | self [@foo] | semmle.label | self [@foo] |
| instance_variables.rb:22:20:22:24 | field | semmle.label | field |
| instance_variables.rb:22:20:22:24 | field | semmle.label | field |
| instance_variables.rb:23:9:23:14 | [post] self [@field] | semmle.label | [post] self [@field] |
| instance_variables.rb:23:9:23:14 | [post] self [@field] | semmle.label | [post] self [@field] |
| instance_variables.rb:23:18:23:22 | field | semmle.label | field |
| instance_variables.rb:23:18:23:22 | field | semmle.label | field |
| instance_variables.rb:24:9:24:17 | call to taint | semmle.label | call to taint |
| instance_variables.rb:24:9:24:17 | call to taint | semmle.label | call to taint |
| instance_variables.rb:27:25:27:29 | field | semmle.label | field |
| instance_variables.rb:27:25:27:29 | field | semmle.label | field |
| instance_variables.rb:28:9:28:25 | [post] self [@field] | semmle.label | [post] self [@field] |
| instance_variables.rb:28:9:28:25 | [post] self [@field] | semmle.label | [post] self [@field] |
| instance_variables.rb:28:9:28:25 | call to initialize | semmle.label | call to initialize |
| instance_variables.rb:28:9:28:25 | call to initialize | semmle.label | call to initialize |
| instance_variables.rb:28:20:28:24 | field | semmle.label | field |
| instance_variables.rb:28:20:28:24 | field | semmle.label | field |
| instance_variables.rb:31:18:31:18 | x | semmle.label | x |
| instance_variables.rb:31:18:31:18 | x | semmle.label | x |
| instance_variables.rb:32:13:32:21 | call to taint | semmle.label | call to taint |
| instance_variables.rb:32:13:32:21 | call to taint | semmle.label | call to taint |
| instance_variables.rb:33:9:33:14 | call to new [@field] | semmle.label | call to new [@field] |
| instance_variables.rb:33:9:33:14 | call to new [@field] | semmle.label | call to new [@field] |
| instance_variables.rb:33:13:33:13 | x | semmle.label | x |
| instance_variables.rb:33:13:33:13 | x | semmle.label | x |
| instance_variables.rb:36:10:36:23 | call to new [@field] | semmle.label | call to new [@field] |
| instance_variables.rb:36:10:36:23 | call to new [@field] | semmle.label | call to new [@field] |
| instance_variables.rb:36:10:36:33 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:36:10:36:33 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:36:14:36:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:36:14:36:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:39:6:39:23 | call to bar [@field] | semmle.label | call to bar [@field] |
| instance_variables.rb:39:6:39:23 | call to bar [@field] | semmle.label | call to bar [@field] |
| instance_variables.rb:39:6:39:33 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:39:6:39:33 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:39:14:39:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:39:14:39:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:43:9:43:17 | call to taint | semmle.label | call to taint |
| instance_variables.rb:43:9:43:17 | call to taint | semmle.label | call to taint |
| instance_variables.rb:48:20:48:20 | x | semmle.label | x |
| instance_variables.rb:48:20:48:20 | x | semmle.label | x |
| instance_variables.rb:49:14:49:14 | x | semmle.label | x |
| instance_variables.rb:49:14:49:14 | x | semmle.label | x |
| instance_variables.rb:54:1:54:3 | [post] foo [@field] | semmle.label | [post] foo [@field] |
| instance_variables.rb:54:1:54:3 | [post] foo [@field] | semmle.label | [post] foo [@field] |
| instance_variables.rb:54:15:54:23 | call to taint | semmle.label | call to taint |
| instance_variables.rb:54:15:54:23 | call to taint | semmle.label | call to taint |
| instance_variables.rb:55:6:55:8 | foo [@field] | semmle.label | foo [@field] |
| instance_variables.rb:55:6:55:8 | foo [@field] | semmle.label | foo [@field] |
| instance_variables.rb:55:6:55:18 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:55:6:55:18 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:58:1:58:3 | [post] bar [@field] | semmle.label | [post] bar [@field] |
| instance_variables.rb:58:15:58:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:59:6:59:8 | bar [@field] | semmle.label | bar [@field] |
| instance_variables.rb:59:6:59:18 | call to inc_field | semmle.label | call to inc_field |
| instance_variables.rb:62:1:62:4 | [post] foo1 [@field] | semmle.label | [post] foo1 [@field] |
| instance_variables.rb:62:1:62:4 | [post] foo1 [@field] | semmle.label | [post] foo1 [@field] |
| instance_variables.rb:62:14:62:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:62:14:62:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:63:6:63:9 | foo1 [@field] | semmle.label | foo1 [@field] |
| instance_variables.rb:63:6:63:9 | foo1 [@field] | semmle.label | foo1 [@field] |
| instance_variables.rb:63:6:63:15 | call to field | semmle.label | call to field |
| instance_variables.rb:63:6:63:15 | call to field | semmle.label | call to field |
| instance_variables.rb:66:1:66:4 | [post] foo2 [@field] | semmle.label | [post] foo2 [@field] |
| instance_variables.rb:66:1:66:4 | [post] foo2 [@field] | semmle.label | [post] foo2 [@field] |
| instance_variables.rb:66:14:66:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:66:14:66:22 | call to taint | semmle.label | call to taint |
| instance_variables.rb:67:6:67:9 | foo2 [@field] | semmle.label | foo2 [@field] |
| instance_variables.rb:67:6:67:9 | foo2 [@field] | semmle.label | foo2 [@field] |
| instance_variables.rb:67:6:67:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:67:6:67:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:70:1:70:4 | [post] foo3 [@field] | semmle.label | [post] foo3 [@field] |
| instance_variables.rb:70:1:70:4 | [post] foo3 [@field] | semmle.label | [post] foo3 [@field] |
| instance_variables.rb:70:16:70:24 | call to taint | semmle.label | call to taint |
| instance_variables.rb:70:16:70:24 | call to taint | semmle.label | call to taint |
| instance_variables.rb:71:6:71:9 | foo3 [@field] | semmle.label | foo3 [@field] |
| instance_variables.rb:71:6:71:9 | foo3 [@field] | semmle.label | foo3 [@field] |
| instance_variables.rb:71:6:71:15 | call to field | semmle.label | call to field |
| instance_variables.rb:71:6:71:15 | call to field | semmle.label | call to field |
| instance_variables.rb:78:2:78:5 | [post] foo5 [@field] | semmle.label | [post] foo5 [@field] |
| instance_variables.rb:78:2:78:5 | [post] foo5 [@field] | semmle.label | [post] foo5 [@field] |
| instance_variables.rb:78:18:78:26 | call to taint | semmle.label | call to taint |
| instance_variables.rb:78:18:78:26 | call to taint | semmle.label | call to taint |
| instance_variables.rb:79:6:79:9 | foo5 [@field] | semmle.label | foo5 [@field] |
| instance_variables.rb:79:6:79:9 | foo5 [@field] | semmle.label | foo5 [@field] |
| instance_variables.rb:79:6:79:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:79:6:79:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:82:15:82:18 | [post] foo6 [@field] | semmle.label | [post] foo6 [@field] |
| instance_variables.rb:82:15:82:18 | [post] foo6 [@field] | semmle.label | [post] foo6 [@field] |
| instance_variables.rb:82:32:82:40 | call to taint | semmle.label | call to taint |
| instance_variables.rb:82:32:82:40 | call to taint | semmle.label | call to taint |
| instance_variables.rb:83:6:83:9 | foo3 [@field] | semmle.label | foo3 [@field] |
| instance_variables.rb:83:6:83:9 | foo3 [@field] | semmle.label | foo3 [@field] |
| instance_variables.rb:83:6:83:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:83:6:83:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:84:6:84:9 | foo5 [@field] | semmle.label | foo5 [@field] |
| instance_variables.rb:84:6:84:9 | foo5 [@field] | semmle.label | foo5 [@field] |
| instance_variables.rb:84:6:84:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:84:6:84:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:85:6:85:9 | foo6 [@field] | semmle.label | foo6 [@field] |
| instance_variables.rb:85:6:85:9 | foo6 [@field] | semmle.label | foo6 [@field] |
| instance_variables.rb:85:6:85:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:85:6:85:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:89:15:89:18 | [post] foo7 [@field] | semmle.label | [post] foo7 [@field] |
| instance_variables.rb:89:15:89:18 | [post] foo7 [@field] | semmle.label | [post] foo7 [@field] |
| instance_variables.rb:89:25:89:28 | [post] foo8 [@field] | semmle.label | [post] foo8 [@field] |
| instance_variables.rb:89:25:89:28 | [post] foo8 [@field] | semmle.label | [post] foo8 [@field] |
| instance_variables.rb:89:45:89:53 | call to taint | semmle.label | call to taint |
| instance_variables.rb:89:45:89:53 | call to taint | semmle.label | call to taint |
| instance_variables.rb:90:6:90:9 | foo7 [@field] | semmle.label | foo7 [@field] |
| instance_variables.rb:90:6:90:9 | foo7 [@field] | semmle.label | foo7 [@field] |
| instance_variables.rb:90:6:90:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:90:6:90:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:91:6:91:9 | foo8 [@field] | semmle.label | foo8 [@field] |
| instance_variables.rb:91:6:91:9 | foo8 [@field] | semmle.label | foo8 [@field] |
| instance_variables.rb:91:6:91:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:91:6:91:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:95:22:95:25 | [post] foo9 [@field] | semmle.label | [post] foo9 [@field] |
| instance_variables.rb:95:22:95:25 | [post] foo9 [@field] | semmle.label | [post] foo9 [@field] |
| instance_variables.rb:95:32:95:36 | [post] foo10 [@field] | semmle.label | [post] foo10 [@field] |
| instance_variables.rb:95:32:95:36 | [post] foo10 [@field] | semmle.label | [post] foo10 [@field] |
| instance_variables.rb:95:53:95:61 | call to taint | semmle.label | call to taint |
| instance_variables.rb:95:53:95:61 | call to taint | semmle.label | call to taint |
| instance_variables.rb:96:6:96:9 | foo9 [@field] | semmle.label | foo9 [@field] |
| instance_variables.rb:96:6:96:9 | foo9 [@field] | semmle.label | foo9 [@field] |
| instance_variables.rb:96:6:96:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:96:6:96:19 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:97:6:97:10 | foo10 [@field] | semmle.label | foo10 [@field] |
| instance_variables.rb:97:6:97:10 | foo10 [@field] | semmle.label | foo10 [@field] |
| instance_variables.rb:97:6:97:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:97:6:97:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:100:5:100:5 | [post] x [@field] | semmle.label | [post] x [@field] |
| instance_variables.rb:100:5:100:5 | [post] x [@field] | semmle.label | [post] x [@field] |
| instance_variables.rb:100:17:100:25 | call to taint | semmle.label | call to taint |
| instance_variables.rb:100:17:100:25 | call to taint | semmle.label | call to taint |
| instance_variables.rb:104:14:104:18 | [post] foo11 [@field] | semmle.label | [post] foo11 [@field] |
| instance_variables.rb:104:14:104:18 | [post] foo11 [@field] | semmle.label | [post] foo11 [@field] |
| instance_variables.rb:105:6:105:10 | foo11 [@field] | semmle.label | foo11 [@field] |
| instance_variables.rb:105:6:105:10 | foo11 [@field] | semmle.label | foo11 [@field] |
| instance_variables.rb:105:6:105:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:105:6:105:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:108:15:108:19 | [post] foo12 [@field] | semmle.label | [post] foo12 [@field] |
| instance_variables.rb:108:15:108:19 | [post] foo12 [@field] | semmle.label | [post] foo12 [@field] |
| instance_variables.rb:109:6:109:10 | foo12 [@field] | semmle.label | foo12 [@field] |
| instance_variables.rb:109:6:109:10 | foo12 [@field] | semmle.label | foo12 [@field] |
| instance_variables.rb:109:6:109:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:109:6:109:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:113:22:113:26 | [post] foo13 [@field] | semmle.label | [post] foo13 [@field] |
| instance_variables.rb:113:22:113:26 | [post] foo13 [@field] | semmle.label | [post] foo13 [@field] |
| instance_variables.rb:114:6:114:10 | foo13 [@field] | semmle.label | foo13 [@field] |
| instance_variables.rb:114:6:114:10 | foo13 [@field] | semmle.label | foo13 [@field] |
| instance_variables.rb:114:6:114:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:114:6:114:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:116:1:116:5 | foo15 [@field] | semmle.label | foo15 [@field] |
| instance_variables.rb:116:1:116:5 | foo15 [@field] | semmle.label | foo15 [@field] |
| instance_variables.rb:116:9:116:26 | call to new [@field] | semmle.label | call to new [@field] |
| instance_variables.rb:116:9:116:26 | call to new [@field] | semmle.label | call to new [@field] |
| instance_variables.rb:116:17:116:25 | call to taint | semmle.label | call to taint |
| instance_variables.rb:116:17:116:25 | call to taint | semmle.label | call to taint |
| instance_variables.rb:117:6:117:10 | foo15 [@field] | semmle.label | foo15 [@field] |
| instance_variables.rb:117:6:117:10 | foo15 [@field] | semmle.label | foo15 [@field] |
| instance_variables.rb:117:6:117:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:117:6:117:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:119:6:119:10 | [post] foo16 [@field] | semmle.label | [post] foo16 [@field] |
| instance_variables.rb:119:6:119:10 | [post] foo16 [@field] | semmle.label | [post] foo16 [@field] |
| instance_variables.rb:119:6:119:37 | call to call_initialize | semmle.label | call to call_initialize |
| instance_variables.rb:119:6:119:37 | call to call_initialize | semmle.label | call to call_initialize |
| instance_variables.rb:119:28:119:36 | call to taint | semmle.label | call to taint |
| instance_variables.rb:119:28:119:36 | call to taint | semmle.label | call to taint |
| instance_variables.rb:120:6:120:10 | foo16 [@field] | semmle.label | foo16 [@field] |
| instance_variables.rb:120:6:120:10 | foo16 [@field] | semmle.label | foo16 [@field] |
| instance_variables.rb:120:6:120:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:120:6:120:20 | call to get_field | semmle.label | call to get_field |
| instance_variables.rb:121:1:121:3 | bar | semmle.label | bar |
| instance_variables.rb:121:1:121:3 | bar | semmle.label | bar |
| instance_variables.rb:121:7:121:24 | call to new | semmle.label | call to new |
| instance_variables.rb:121:7:121:24 | call to new | semmle.label | call to new |
| instance_variables.rb:122:6:122:8 | bar | semmle.label | bar |
| instance_variables.rb:122:6:122:8 | bar | semmle.label | bar |
subpaths
| instance_variables.rb:28:20:28:24 | field | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:28:9:28:25 | [post] self [@field] |
| instance_variables.rb:28:20:28:24 | field | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:28:9:28:25 | [post] self [@field] |
| instance_variables.rb:33:13:33:13 | x | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:33:9:33:14 | call to new [@field] |
| instance_variables.rb:33:13:33:13 | x | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:33:9:33:14 | call to new [@field] |
| instance_variables.rb:36:10:36:23 | call to new [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:36:10:36:33 | call to get_field |
| instance_variables.rb:36:10:36:23 | call to new [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:36:10:36:33 | call to get_field |
| instance_variables.rb:36:14:36:22 | call to taint | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:36:10:36:23 | call to new [@field] |
| instance_variables.rb:36:14:36:22 | call to taint | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:36:10:36:23 | call to new [@field] |
| instance_variables.rb:39:6:39:23 | call to bar [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:39:6:39:33 | call to get_field |
| instance_variables.rb:39:6:39:23 | call to bar [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:39:6:39:33 | call to get_field |
| instance_variables.rb:39:14:39:22 | call to taint | instance_variables.rb:31:18:31:18 | x | instance_variables.rb:33:9:33:14 | call to new [@field] | instance_variables.rb:39:6:39:23 | call to bar [@field] |
| instance_variables.rb:39:14:39:22 | call to taint | instance_variables.rb:31:18:31:18 | x | instance_variables.rb:33:9:33:14 | call to new [@field] | instance_variables.rb:39:6:39:23 | call to bar [@field] |
| instance_variables.rb:54:15:54:23 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:54:1:54:3 | [post] foo [@field] |
| instance_variables.rb:54:15:54:23 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:54:1:54:3 | [post] foo [@field] |
| instance_variables.rb:55:6:55:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:55:6:55:18 | call to get_field |
| instance_variables.rb:55:6:55:8 | foo [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:55:6:55:18 | call to get_field |
| instance_variables.rb:58:15:58:22 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:58:1:58:3 | [post] bar [@field] |
| instance_variables.rb:59:6:59:8 | bar [@field] | instance_variables.rb:16:5:18:7 | self in inc_field [@field] | instance_variables.rb:16:5:18:7 | self in inc_field [@field] | instance_variables.rb:59:6:59:18 | call to inc_field |
| instance_variables.rb:59:6:59:8 | bar [@field] | instance_variables.rb:16:5:18:7 | self in inc_field [@field] | instance_variables.rb:17:9:17:14 | [post] self [@field] | instance_variables.rb:59:6:59:18 | call to inc_field |
| instance_variables.rb:67:6:67:9 | foo2 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:67:6:67:19 | call to get_field |
| instance_variables.rb:67:6:67:9 | foo2 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:67:6:67:19 | call to get_field |
| instance_variables.rb:70:16:70:24 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:70:1:70:4 | [post] foo3 [@field] |
| instance_variables.rb:70:16:70:24 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:70:1:70:4 | [post] foo3 [@field] |
| instance_variables.rb:78:18:78:26 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:78:2:78:5 | [post] foo5 [@field] |
| instance_variables.rb:78:18:78:26 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:78:2:78:5 | [post] foo5 [@field] |
| instance_variables.rb:79:6:79:9 | foo5 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:79:6:79:19 | call to get_field |
| instance_variables.rb:79:6:79:9 | foo5 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:79:6:79:19 | call to get_field |
| instance_variables.rb:82:32:82:40 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:82:15:82:18 | [post] foo6 [@field] |
| instance_variables.rb:82:32:82:40 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:82:15:82:18 | [post] foo6 [@field] |
| instance_variables.rb:83:6:83:9 | foo3 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:83:6:83:19 | call to get_field |
| instance_variables.rb:83:6:83:9 | foo3 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:83:6:83:19 | call to get_field |
| instance_variables.rb:84:6:84:9 | foo5 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:84:6:84:19 | call to get_field |
| instance_variables.rb:84:6:84:9 | foo5 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:84:6:84:19 | call to get_field |
| instance_variables.rb:85:6:85:9 | foo6 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:85:6:85:19 | call to get_field |
| instance_variables.rb:85:6:85:9 | foo6 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:85:6:85:19 | call to get_field |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:89:15:89:18 | [post] foo7 [@field] |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:89:15:89:18 | [post] foo7 [@field] |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:89:25:89:28 | [post] foo8 [@field] |
| instance_variables.rb:89:45:89:53 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:89:25:89:28 | [post] foo8 [@field] |
| instance_variables.rb:90:6:90:9 | foo7 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:90:6:90:19 | call to get_field |
| instance_variables.rb:90:6:90:9 | foo7 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:90:6:90:19 | call to get_field |
| instance_variables.rb:91:6:91:9 | foo8 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:91:6:91:19 | call to get_field |
| instance_variables.rb:91:6:91:9 | foo8 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:91:6:91:19 | call to get_field |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:95:22:95:25 | [post] foo9 [@field] |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:95:22:95:25 | [post] foo9 [@field] |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:95:32:95:36 | [post] foo10 [@field] |
| instance_variables.rb:95:53:95:61 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:95:32:95:36 | [post] foo10 [@field] |
| instance_variables.rb:96:6:96:9 | foo9 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:96:6:96:19 | call to get_field |
| instance_variables.rb:96:6:96:9 | foo9 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:96:6:96:19 | call to get_field |
| instance_variables.rb:97:6:97:10 | foo10 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:97:6:97:20 | call to get_field |
| instance_variables.rb:97:6:97:10 | foo10 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:97:6:97:20 | call to get_field |
| instance_variables.rb:100:17:100:25 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:100:5:100:5 | [post] x [@field] |
| instance_variables.rb:100:17:100:25 | call to taint | instance_variables.rb:10:19:10:19 | x | instance_variables.rb:11:9:11:14 | [post] self [@field] | instance_variables.rb:100:5:100:5 | [post] x [@field] |
| instance_variables.rb:105:6:105:10 | foo11 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:105:6:105:20 | call to get_field |
| instance_variables.rb:105:6:105:10 | foo11 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:105:6:105:20 | call to get_field |
| instance_variables.rb:109:6:109:10 | foo12 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:109:6:109:20 | call to get_field |
| instance_variables.rb:109:6:109:10 | foo12 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:109:6:109:20 | call to get_field |
| instance_variables.rb:114:6:114:10 | foo13 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:114:6:114:20 | call to get_field |
| instance_variables.rb:114:6:114:10 | foo13 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:114:6:114:20 | call to get_field |
| instance_variables.rb:116:17:116:25 | call to taint | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:116:9:116:26 | call to new [@field] |
| instance_variables.rb:116:17:116:25 | call to taint | instance_variables.rb:22:20:22:24 | field | instance_variables.rb:23:9:23:14 | [post] self [@field] | instance_variables.rb:116:9:116:26 | call to new [@field] |
| instance_variables.rb:117:6:117:10 | foo15 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:117:6:117:20 | call to get_field |
| instance_variables.rb:117:6:117:10 | foo15 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:117:6:117:20 | call to get_field |
| instance_variables.rb:119:28:119:36 | call to taint | instance_variables.rb:27:25:27:29 | field | instance_variables.rb:28:9:28:25 | [post] self [@field] | instance_variables.rb:119:6:119:10 | [post] foo16 [@field] |
| instance_variables.rb:119:28:119:36 | call to taint | instance_variables.rb:27:25:27:29 | field | instance_variables.rb:28:9:28:25 | [post] self [@field] | instance_variables.rb:119:6:119:10 | [post] foo16 [@field] |
| instance_variables.rb:120:6:120:10 | foo16 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:120:6:120:20 | call to get_field |
| instance_variables.rb:120:6:120:10 | foo16 [@field] | instance_variables.rb:13:5:15:7 | self in get_field [@field] | instance_variables.rb:14:9:14:21 | return | instance_variables.rb:120:6:120:20 | call to get_field |
#select
| captured_variables.rb:2:20:2:20 | x | captured_variables.rb:5:20:5:30 | call to source | captured_variables.rb:2:20:2:20 | x | $@ | captured_variables.rb:5:20:5:30 | call to source | call to source |


@@ -6,7 +6,7 @@ import codeql.ruby.AST
import codeql.ruby.DataFlow
private import TestUtilities.InlineFlowTest
import DefaultFlowTest
import PathGraph
import TaintFlow::PathGraph
from TaintFlow::PathNode source, TaintFlow::PathNode sink
where TaintFlow::flowPath(source, sink)
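Review bot: The newly qualified `import TaintFlow::PathGraph` line has no comment saying why the path graph is now restricted to one flow module, so a later edit could revert to the bare `import PathGraph` without noticing the effect on the test baseline. The `.expected` sections of this commit show previously doubled `edges` and `nodes` rows appearing once, which suggests the unqualified import merged more than one graph; this is inferred from the rendered page, not shown in this hunk. I would add above the import something like `// Use only the TaintFlow graph so edges/nodes match the paths selected below.` The same comment fits the `import ValueFlow::PathGraph` lines in the other test queries of this commit. The query's `select` clause lies outside this hunk.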


@@ -1,4 +1,3 @@
failures
testFailures
edges
| hash_flow.rb:10:5:10:8 | hash [element 0] | hash_flow.rb:30:10:30:13 | hash [element 0] |
@@ -82,8 +81,7 @@ edges
| hash_flow.rb:96:30:96:33 | hash [element :a] | hash_flow.rb:96:13:96:34 | call to try_convert [element :a] |
| hash_flow.rb:97:10:97:14 | hash2 [element :a] | hash_flow.rb:97:10:97:18 | ...[...] |
| hash_flow.rb:105:5:105:5 | b | hash_flow.rb:106:10:106:10 | b |
| hash_flow.rb:105:21:105:30 | __synth__0 | hash_flow.rb:105:5:105:5 | b |
| hash_flow.rb:105:21:105:30 | call to taint | hash_flow.rb:105:21:105:30 | __synth__0 |
| hash_flow.rb:105:21:105:30 | call to taint | hash_flow.rb:105:5:105:5 | b |
| hash_flow.rb:113:5:113:5 | b | hash_flow.rb:115:10:115:10 | b |
| hash_flow.rb:113:9:113:12 | [post] hash [element :a] | hash_flow.rb:114:10:114:13 | hash [element :a] |
| hash_flow.rb:113:9:113:34 | call to store | hash_flow.rb:113:5:113:5 | b |
@@ -1064,7 +1062,6 @@ nodes
| hash_flow.rb:97:10:97:14 | hash2 [element :a] | semmle.label | hash2 [element :a] |
| hash_flow.rb:97:10:97:18 | ...[...] | semmle.label | ...[...] |
| hash_flow.rb:105:5:105:5 | b | semmle.label | b |
| hash_flow.rb:105:21:105:30 | __synth__0 | semmle.label | __synth__0 |
| hash_flow.rb:105:21:105:30 | call to taint | semmle.label | call to taint |
| hash_flow.rb:106:10:106:10 | b | semmle.label | b |
| hash_flow.rb:113:5:113:5 | b | semmle.label | b |


@@ -5,7 +5,7 @@
import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import ValueFlowTest<DefaultFlowConfig>
import PathGraph
import ValueFlow::PathGraph
from ValueFlow::PathNode source, ValueFlow::PathNode sink
where ValueFlow::flowPath(source, sink)


@@ -1,4 +1,3 @@
failures
testFailures
edges
| local_dataflow.rb:78:3:78:3 | z | local_dataflow.rb:89:8:89:8 | z |
@@ -20,66 +19,35 @@ edges
| local_dataflow.rb:87:10:87:10 | x | local_dataflow.rb:78:3:78:3 | z |
| local_dataflow.rb:87:10:87:10 | x | local_dataflow.rb:87:25:87:25 | x |
| local_dataflow.rb:93:3:93:3 | a | local_dataflow.rb:94:8:94:8 | a |
| local_dataflow.rb:93:3:93:3 | a | local_dataflow.rb:94:8:94:8 | a |
| local_dataflow.rb:93:7:93:15 | call to source | local_dataflow.rb:93:3:93:3 | a |
| local_dataflow.rb:93:7:93:15 | call to source | local_dataflow.rb:93:3:93:3 | a |
| local_dataflow.rb:93:20:93:28 | call to source | local_dataflow.rb:93:3:93:3 | a |
| local_dataflow.rb:93:20:93:28 | call to source | local_dataflow.rb:93:3:93:3 | a |
| local_dataflow.rb:95:3:95:3 | b | local_dataflow.rb:96:8:96:8 | b |
| local_dataflow.rb:95:3:95:3 | b | local_dataflow.rb:96:8:96:8 | b |
| local_dataflow.rb:95:8:95:16 | call to source | local_dataflow.rb:95:3:95:3 | b |
| local_dataflow.rb:95:8:95:16 | call to source | local_dataflow.rb:95:3:95:3 | b |
| local_dataflow.rb:95:21:95:29 | call to source | local_dataflow.rb:95:3:95:3 | b |
| local_dataflow.rb:95:21:95:29 | call to source | local_dataflow.rb:95:3:95:3 | b |
| local_dataflow.rb:98:3:98:3 | a | local_dataflow.rb:99:8:99:8 | a |
| local_dataflow.rb:98:3:98:3 | a | local_dataflow.rb:99:8:99:8 | a |
| local_dataflow.rb:98:7:98:15 | call to source | local_dataflow.rb:98:3:98:3 | a |
| local_dataflow.rb:98:7:98:15 | call to source | local_dataflow.rb:98:3:98:3 | a |
| local_dataflow.rb:98:20:98:28 | call to source | local_dataflow.rb:98:3:98:3 | a |
| local_dataflow.rb:98:20:98:28 | call to source | local_dataflow.rb:98:3:98:3 | a |
| local_dataflow.rb:100:3:100:3 | b | local_dataflow.rb:101:8:101:8 | b |
| local_dataflow.rb:100:3:100:3 | b | local_dataflow.rb:101:8:101:8 | b |
| local_dataflow.rb:100:8:100:16 | call to source | local_dataflow.rb:100:3:100:3 | b |
| local_dataflow.rb:100:8:100:16 | call to source | local_dataflow.rb:100:3:100:3 | b |
| local_dataflow.rb:100:22:100:30 | call to source | local_dataflow.rb:100:3:100:3 | b |
| local_dataflow.rb:100:22:100:30 | call to source | local_dataflow.rb:100:3:100:3 | b |
| local_dataflow.rb:103:3:103:3 | a | local_dataflow.rb:104:3:104:3 | a |
| local_dataflow.rb:103:3:103:3 | a | local_dataflow.rb:104:3:104:3 | a |
| local_dataflow.rb:103:7:103:15 | call to source | local_dataflow.rb:103:3:103:3 | a |
| local_dataflow.rb:103:7:103:15 | call to source | local_dataflow.rb:103:3:103:3 | a |
| local_dataflow.rb:104:3:104:3 | a | local_dataflow.rb:105:8:105:8 | a |
| local_dataflow.rb:104:3:104:3 | a | local_dataflow.rb:105:8:105:8 | a |
| local_dataflow.rb:104:9:104:17 | call to source | local_dataflow.rb:104:3:104:3 | a |
| local_dataflow.rb:104:9:104:17 | call to source | local_dataflow.rb:104:3:104:3 | a |
| local_dataflow.rb:106:3:106:3 | b | local_dataflow.rb:107:3:107:3 | b |
| local_dataflow.rb:106:3:106:3 | b | local_dataflow.rb:107:3:107:3 | b |
| local_dataflow.rb:106:7:106:15 | call to source | local_dataflow.rb:106:3:106:3 | b |
| local_dataflow.rb:106:7:106:15 | call to source | local_dataflow.rb:106:3:106:3 | b |
| local_dataflow.rb:107:3:107:3 | b | local_dataflow.rb:108:8:108:8 | b |
| local_dataflow.rb:107:3:107:3 | b | local_dataflow.rb:108:8:108:8 | b |
| local_dataflow.rb:107:9:107:17 | call to source | local_dataflow.rb:107:3:107:3 | b |
| local_dataflow.rb:107:9:107:17 | call to source | local_dataflow.rb:107:3:107:3 | b |
| local_dataflow.rb:112:8:112:16 | call to source | local_dataflow.rb:112:8:112:20 | call to dup |
| local_dataflow.rb:112:8:112:16 | call to source | local_dataflow.rb:112:8:112:20 | call to dup |
| local_dataflow.rb:113:8:113:16 | call to source | local_dataflow.rb:113:8:113:20 | call to dup |
| local_dataflow.rb:113:8:113:16 | call to source | local_dataflow.rb:113:8:113:20 | call to dup |
| local_dataflow.rb:113:8:113:20 | call to dup | local_dataflow.rb:113:8:113:24 | call to dup |
| local_dataflow.rb:113:8:113:20 | call to dup | local_dataflow.rb:113:8:113:24 | call to dup |
| local_dataflow.rb:117:8:117:16 | call to source | local_dataflow.rb:117:8:117:23 | call to tap |
| local_dataflow.rb:117:8:117:16 | call to source | local_dataflow.rb:117:8:117:23 | call to tap |
| local_dataflow.rb:118:3:118:11 | call to source | local_dataflow.rb:118:20:118:20 | x |
| local_dataflow.rb:118:3:118:11 | call to source | local_dataflow.rb:118:20:118:20 | x |
| local_dataflow.rb:118:20:118:20 | x | local_dataflow.rb:118:28:118:28 | x |
| local_dataflow.rb:118:20:118:20 | x | local_dataflow.rb:118:28:118:28 | x |
| local_dataflow.rb:119:8:119:16 | call to source | local_dataflow.rb:119:8:119:23 | call to tap |
| local_dataflow.rb:119:8:119:16 | call to source | local_dataflow.rb:119:8:119:23 | call to tap |
| local_dataflow.rb:119:8:119:23 | call to tap | local_dataflow.rb:119:8:119:30 | call to tap |
| local_dataflow.rb:119:8:119:23 | call to tap | local_dataflow.rb:119:8:119:30 | call to tap |
| local_dataflow.rb:123:8:123:16 | call to source | local_dataflow.rb:123:8:123:20 | call to dup |
| local_dataflow.rb:123:8:123:16 | call to source | local_dataflow.rb:123:8:123:20 | call to dup |
| local_dataflow.rb:123:8:123:20 | call to dup | local_dataflow.rb:123:8:123:45 | call to tap |
| local_dataflow.rb:123:8:123:20 | call to dup | local_dataflow.rb:123:8:123:45 | call to tap |
| local_dataflow.rb:123:8:123:45 | call to tap | local_dataflow.rb:123:8:123:49 | call to dup |
| local_dataflow.rb:123:8:123:45 | call to tap | local_dataflow.rb:123:8:123:49 | call to dup |
nodes
| local_dataflow.rb:78:3:78:3 | z | semmle.label | z |
@@ -102,90 +70,47 @@ nodes
| local_dataflow.rb:87:25:87:25 | x | semmle.label | x |
| local_dataflow.rb:89:8:89:8 | z | semmle.label | z |
| local_dataflow.rb:93:3:93:3 | a | semmle.label | a |
| local_dataflow.rb:93:3:93:3 | a | semmle.label | a |
| local_dataflow.rb:93:7:93:15 | call to source | semmle.label | call to source |
| local_dataflow.rb:93:7:93:15 | call to source | semmle.label | call to source |
| local_dataflow.rb:93:20:93:28 | call to source | semmle.label | call to source |
| local_dataflow.rb:93:20:93:28 | call to source | semmle.label | call to source |
| local_dataflow.rb:94:8:94:8 | a | semmle.label | a |
| local_dataflow.rb:94:8:94:8 | a | semmle.label | a |
| local_dataflow.rb:95:3:95:3 | b | semmle.label | b |
| local_dataflow.rb:95:3:95:3 | b | semmle.label | b |
| local_dataflow.rb:95:8:95:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:95:8:95:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:95:21:95:29 | call to source | semmle.label | call to source |
| local_dataflow.rb:95:21:95:29 | call to source | semmle.label | call to source |
| local_dataflow.rb:96:8:96:8 | b | semmle.label | b |
| local_dataflow.rb:96:8:96:8 | b | semmle.label | b |
| local_dataflow.rb:98:3:98:3 | a | semmle.label | a |
| local_dataflow.rb:98:3:98:3 | a | semmle.label | a |
| local_dataflow.rb:98:7:98:15 | call to source | semmle.label | call to source |
| local_dataflow.rb:98:7:98:15 | call to source | semmle.label | call to source |
| local_dataflow.rb:98:20:98:28 | call to source | semmle.label | call to source |
| local_dataflow.rb:98:20:98:28 | call to source | semmle.label | call to source |
| local_dataflow.rb:99:8:99:8 | a | semmle.label | a |
| local_dataflow.rb:99:8:99:8 | a | semmle.label | a |
| local_dataflow.rb:100:3:100:3 | b | semmle.label | b |
| local_dataflow.rb:100:3:100:3 | b | semmle.label | b |
| local_dataflow.rb:100:8:100:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:100:8:100:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:100:22:100:30 | call to source | semmle.label | call to source |
| local_dataflow.rb:100:22:100:30 | call to source | semmle.label | call to source |
| local_dataflow.rb:101:8:101:8 | b | semmle.label | b |
| local_dataflow.rb:101:8:101:8 | b | semmle.label | b |
| local_dataflow.rb:103:3:103:3 | a | semmle.label | a |
| local_dataflow.rb:103:3:103:3 | a | semmle.label | a |
| local_dataflow.rb:103:7:103:15 | call to source | semmle.label | call to source |
| local_dataflow.rb:103:7:103:15 | call to source | semmle.label | call to source |
| local_dataflow.rb:104:3:104:3 | a | semmle.label | a |
| local_dataflow.rb:104:3:104:3 | a | semmle.label | a |
| local_dataflow.rb:104:9:104:17 | call to source | semmle.label | call to source |
| local_dataflow.rb:104:9:104:17 | call to source | semmle.label | call to source |
| local_dataflow.rb:105:8:105:8 | a | semmle.label | a |
| local_dataflow.rb:105:8:105:8 | a | semmle.label | a |
| local_dataflow.rb:106:3:106:3 | b | semmle.label | b |
| local_dataflow.rb:106:3:106:3 | b | semmle.label | b |
| local_dataflow.rb:106:7:106:15 | call to source | semmle.label | call to source |
| local_dataflow.rb:106:7:106:15 | call to source | semmle.label | call to source |
| local_dataflow.rb:107:3:107:3 | b | semmle.label | b |
| local_dataflow.rb:107:3:107:3 | b | semmle.label | b |
| local_dataflow.rb:107:9:107:17 | call to source | semmle.label | call to source |
| local_dataflow.rb:107:9:107:17 | call to source | semmle.label | call to source |
| local_dataflow.rb:108:8:108:8 | b | semmle.label | b |
| local_dataflow.rb:108:8:108:8 | b | semmle.label | b |
| local_dataflow.rb:112:8:112:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:112:8:112:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:112:8:112:20 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:112:8:112:20 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:113:8:113:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:113:8:113:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:113:8:113:20 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:113:8:113:20 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:113:8:113:24 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:113:8:113:24 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:117:8:117:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:117:8:117:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:117:8:117:23 | call to tap | semmle.label | call to tap |
| local_dataflow.rb:117:8:117:23 | call to tap | semmle.label | call to tap |
| local_dataflow.rb:118:3:118:11 | call to source | semmle.label | call to source |
| local_dataflow.rb:118:3:118:11 | call to source | semmle.label | call to source |
| local_dataflow.rb:118:20:118:20 | x | semmle.label | x |
| local_dataflow.rb:118:20:118:20 | x | semmle.label | x |
| local_dataflow.rb:118:28:118:28 | x | semmle.label | x |
| local_dataflow.rb:118:28:118:28 | x | semmle.label | x |
| local_dataflow.rb:119:8:119:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:119:8:119:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:119:8:119:23 | call to tap | semmle.label | call to tap |
| local_dataflow.rb:119:8:119:23 | call to tap | semmle.label | call to tap |
| local_dataflow.rb:119:8:119:30 | call to tap | semmle.label | call to tap |
| local_dataflow.rb:119:8:119:30 | call to tap | semmle.label | call to tap |
| local_dataflow.rb:123:8:123:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:123:8:123:16 | call to source | semmle.label | call to source |
| local_dataflow.rb:123:8:123:20 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:123:8:123:20 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:123:8:123:45 | call to tap | semmle.label | call to tap |
| local_dataflow.rb:123:8:123:45 | call to tap | semmle.label | call to tap |
| local_dataflow.rb:123:8:123:49 | call to dup | semmle.label | call to dup |
| local_dataflow.rb:123:8:123:49 | call to dup | semmle.label | call to dup |
subpaths
#select


@@ -5,7 +5,7 @@
import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import DefaultFlowTest
import PathGraph
import TaintFlow::PathGraph
from TaintFlow::PathNode source, TaintFlow::PathNode sink
where TaintFlow::flowPath(source, sink)


@@ -1,4 +1,3 @@
failures
testFailures
edges
| params_flow.rb:9:16:9:17 | p1 | params_flow.rb:10:10:10:11 | p1 |


@@ -5,7 +5,7 @@
import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import ValueFlowTest<DefaultFlowConfig>
import PathGraph
import ValueFlow::PathGraph
from ValueFlow::PathNode source, ValueFlow::PathNode sink
where ValueFlow::flowPath(source, sink)


@@ -1,294 +1,5 @@
failures
testFailures
edges
| pathname_flow.rb:4:5:4:6 | pn | pathname_flow.rb:5:10:5:11 | pn |
| pathname_flow.rb:4:10:4:33 | call to new | pathname_flow.rb:4:5:4:6 | pn |
| pathname_flow.rb:4:23:4:32 | call to source | pathname_flow.rb:4:10:4:33 | call to new |
| pathname_flow.rb:9:3:9:3 | a | pathname_flow.rb:11:8:11:12 | ... + ... |
| pathname_flow.rb:9:7:9:30 | call to new | pathname_flow.rb:9:3:9:3 | a |
| pathname_flow.rb:9:20:9:29 | call to source | pathname_flow.rb:9:7:9:30 | call to new |
| pathname_flow.rb:10:3:10:3 | b | pathname_flow.rb:11:8:11:12 | ... + ... |
| pathname_flow.rb:10:7:10:30 | call to new | pathname_flow.rb:10:3:10:3 | b |
| pathname_flow.rb:10:20:10:29 | call to source | pathname_flow.rb:10:7:10:30 | call to new |
| pathname_flow.rb:15:3:15:4 | pn | pathname_flow.rb:16:8:16:9 | pn |
| pathname_flow.rb:15:8:15:31 | call to new | pathname_flow.rb:15:3:15:4 | pn |
| pathname_flow.rb:15:21:15:30 | call to source | pathname_flow.rb:15:8:15:31 | call to new |
| pathname_flow.rb:16:8:16:9 | pn | pathname_flow.rb:16:8:16:17 | call to dirname |
| pathname_flow.rb:20:3:20:3 | a | pathname_flow.rb:21:3:21:3 | a |
| pathname_flow.rb:20:7:20:30 | call to new | pathname_flow.rb:20:3:20:3 | a |
| pathname_flow.rb:20:20:20:29 | call to source | pathname_flow.rb:20:7:20:30 | call to new |
| pathname_flow.rb:21:3:21:3 | a | pathname_flow.rb:21:23:21:23 | x |
| pathname_flow.rb:21:23:21:23 | x | pathname_flow.rb:22:10:22:10 | x |
| pathname_flow.rb:27:3:27:3 | a | pathname_flow.rb:28:8:28:8 | a |
| pathname_flow.rb:27:7:27:30 | call to new | pathname_flow.rb:27:3:27:3 | a |
| pathname_flow.rb:27:20:27:29 | call to source | pathname_flow.rb:27:7:27:30 | call to new |
| pathname_flow.rb:28:8:28:8 | a | pathname_flow.rb:28:8:28:22 | call to expand_path |
| pathname_flow.rb:32:3:32:3 | a | pathname_flow.rb:35:8:35:8 | a |
| pathname_flow.rb:32:7:32:30 | call to new | pathname_flow.rb:32:3:32:3 | a |
| pathname_flow.rb:32:20:32:29 | call to source | pathname_flow.rb:32:7:32:30 | call to new |
| pathname_flow.rb:34:3:34:3 | c | pathname_flow.rb:35:18:35:18 | c |
| pathname_flow.rb:34:7:34:30 | call to new | pathname_flow.rb:34:3:34:3 | c |
| pathname_flow.rb:34:20:34:29 | call to source | pathname_flow.rb:34:7:34:30 | call to new |
| pathname_flow.rb:35:8:35:8 | a | pathname_flow.rb:35:8:35:19 | call to join |
| pathname_flow.rb:35:18:35:18 | c | pathname_flow.rb:35:8:35:19 | call to join |
| pathname_flow.rb:39:3:39:3 | a | pathname_flow.rb:40:8:40:8 | a |
| pathname_flow.rb:39:7:39:30 | call to new | pathname_flow.rb:39:3:39:3 | a |
| pathname_flow.rb:39:20:39:29 | call to source | pathname_flow.rb:39:7:39:30 | call to new |
| pathname_flow.rb:40:8:40:8 | a | pathname_flow.rb:40:8:40:17 | call to parent |
| pathname_flow.rb:44:3:44:3 | a | pathname_flow.rb:45:8:45:8 | a |
| pathname_flow.rb:44:7:44:30 | call to new | pathname_flow.rb:44:3:44:3 | a |
| pathname_flow.rb:44:20:44:29 | call to source | pathname_flow.rb:44:7:44:30 | call to new |
| pathname_flow.rb:45:8:45:8 | a | pathname_flow.rb:45:8:45:19 | call to realpath |
| pathname_flow.rb:49:3:49:3 | a | pathname_flow.rb:50:8:50:8 | a |
| pathname_flow.rb:49:7:49:30 | call to new | pathname_flow.rb:49:3:49:3 | a |
| pathname_flow.rb:49:20:49:29 | call to source | pathname_flow.rb:49:7:49:30 | call to new |
| pathname_flow.rb:50:8:50:8 | a | pathname_flow.rb:50:8:50:39 | call to relative_path_from |
| pathname_flow.rb:54:3:54:3 | a | pathname_flow.rb:55:8:55:8 | a |
| pathname_flow.rb:54:7:54:30 | call to new | pathname_flow.rb:54:3:54:3 | a |
| pathname_flow.rb:54:20:54:29 | call to source | pathname_flow.rb:54:7:54:30 | call to new |
| pathname_flow.rb:55:8:55:8 | a | pathname_flow.rb:55:8:55:16 | call to to_path |
| pathname_flow.rb:59:3:59:3 | a | pathname_flow.rb:60:8:60:8 | a |
| pathname_flow.rb:59:7:59:30 | call to new | pathname_flow.rb:59:3:59:3 | a |
| pathname_flow.rb:59:20:59:29 | call to source | pathname_flow.rb:59:7:59:30 | call to new |
| pathname_flow.rb:60:8:60:8 | a | pathname_flow.rb:60:8:60:13 | call to to_s |
| pathname_flow.rb:64:3:64:3 | a | pathname_flow.rb:65:3:65:3 | b |
| pathname_flow.rb:64:7:64:30 | call to new | pathname_flow.rb:64:3:64:3 | a |
| pathname_flow.rb:64:20:64:29 | call to source | pathname_flow.rb:64:7:64:30 | call to new |
| pathname_flow.rb:65:3:65:3 | b | pathname_flow.rb:66:8:66:8 | b |
| pathname_flow.rb:70:3:70:3 | a | pathname_flow.rb:71:3:71:3 | b |
| pathname_flow.rb:70:7:70:30 | call to new | pathname_flow.rb:70:3:70:3 | a |
| pathname_flow.rb:70:20:70:29 | call to source | pathname_flow.rb:70:7:70:30 | call to new |
| pathname_flow.rb:71:3:71:3 | b | pathname_flow.rb:72:8:72:8 | b |
| pathname_flow.rb:76:3:76:3 | a | pathname_flow.rb:77:7:77:7 | a |
| pathname_flow.rb:76:7:76:30 | call to new | pathname_flow.rb:76:3:76:3 | a |
| pathname_flow.rb:76:20:76:29 | call to source | pathname_flow.rb:76:7:76:30 | call to new |
| pathname_flow.rb:77:3:77:3 | b | pathname_flow.rb:78:8:78:8 | b |
| pathname_flow.rb:77:7:77:7 | a | pathname_flow.rb:77:7:77:16 | call to basename |
| pathname_flow.rb:77:7:77:16 | call to basename | pathname_flow.rb:77:3:77:3 | b |
| pathname_flow.rb:82:3:82:3 | a | pathname_flow.rb:83:7:83:7 | a |
| pathname_flow.rb:82:7:82:30 | call to new | pathname_flow.rb:82:3:82:3 | a |
| pathname_flow.rb:82:20:82:29 | call to source | pathname_flow.rb:82:7:82:30 | call to new |
| pathname_flow.rb:83:3:83:3 | b | pathname_flow.rb:84:8:84:8 | b |
| pathname_flow.rb:83:7:83:7 | a | pathname_flow.rb:83:7:83:17 | call to cleanpath |
| pathname_flow.rb:83:7:83:17 | call to cleanpath | pathname_flow.rb:83:3:83:3 | b |
| pathname_flow.rb:88:3:88:3 | a | pathname_flow.rb:89:7:89:7 | a |
| pathname_flow.rb:88:7:88:30 | call to new | pathname_flow.rb:88:3:88:3 | a |
| pathname_flow.rb:88:20:88:29 | call to source | pathname_flow.rb:88:7:88:30 | call to new |
| pathname_flow.rb:89:3:89:3 | b | pathname_flow.rb:90:8:90:8 | b |
| pathname_flow.rb:89:7:89:7 | a | pathname_flow.rb:89:7:89:25 | call to sub |
| pathname_flow.rb:89:7:89:25 | call to sub | pathname_flow.rb:89:3:89:3 | b |
| pathname_flow.rb:94:3:94:3 | a | pathname_flow.rb:95:7:95:7 | a |
| pathname_flow.rb:94:7:94:30 | call to new | pathname_flow.rb:94:3:94:3 | a |
| pathname_flow.rb:94:20:94:29 | call to source | pathname_flow.rb:94:7:94:30 | call to new |
| pathname_flow.rb:95:3:95:3 | b | pathname_flow.rb:96:8:96:8 | b |
| pathname_flow.rb:95:7:95:7 | a | pathname_flow.rb:95:7:95:23 | call to sub_ext |
| pathname_flow.rb:95:7:95:23 | call to sub_ext | pathname_flow.rb:95:3:95:3 | b |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:103:3:103:3 | b |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:106:3:106:3 | c |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:109:7:109:7 | a |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:112:7:112:7 | a |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:115:7:115:7 | a |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:118:7:118:7 | a |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:121:7:121:7 | a |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:124:7:124:7 | a |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:127:7:127:7 | a |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:130:7:130:7 | a |
| pathname_flow.rb:101:3:101:3 | a | pathname_flow.rb:133:7:133:7 | a |
| pathname_flow.rb:101:7:101:30 | call to new | pathname_flow.rb:101:3:101:3 | a |
| pathname_flow.rb:101:20:101:29 | call to source | pathname_flow.rb:101:7:101:30 | call to new |
| pathname_flow.rb:103:3:103:3 | b | pathname_flow.rb:104:8:104:8 | b |
| pathname_flow.rb:104:8:104:8 | b | pathname_flow.rb:104:8:104:17 | call to realpath |
| pathname_flow.rb:106:3:106:3 | c | pathname_flow.rb:107:8:107:8 | c |
| pathname_flow.rb:107:8:107:8 | c | pathname_flow.rb:107:8:107:17 | call to realpath |
| pathname_flow.rb:109:3:109:3 | d | pathname_flow.rb:110:8:110:8 | d |
| pathname_flow.rb:109:7:109:7 | a | pathname_flow.rb:109:7:109:16 | call to basename |
| pathname_flow.rb:109:7:109:16 | call to basename | pathname_flow.rb:109:3:109:3 | d |
| pathname_flow.rb:110:8:110:8 | d | pathname_flow.rb:110:8:110:17 | call to realpath |
| pathname_flow.rb:112:3:112:3 | e | pathname_flow.rb:113:8:113:8 | e |
| pathname_flow.rb:112:7:112:7 | a | pathname_flow.rb:112:7:112:17 | call to cleanpath |
| pathname_flow.rb:112:7:112:17 | call to cleanpath | pathname_flow.rb:112:3:112:3 | e |
| pathname_flow.rb:113:8:113:8 | e | pathname_flow.rb:113:8:113:17 | call to realpath |
| pathname_flow.rb:115:3:115:3 | f | pathname_flow.rb:116:8:116:8 | f |
| pathname_flow.rb:115:7:115:7 | a | pathname_flow.rb:115:7:115:19 | call to expand_path |
| pathname_flow.rb:115:7:115:19 | call to expand_path | pathname_flow.rb:115:3:115:3 | f |
| pathname_flow.rb:116:8:116:8 | f | pathname_flow.rb:116:8:116:17 | call to realpath |
| pathname_flow.rb:118:3:118:3 | g | pathname_flow.rb:119:8:119:8 | g |
| pathname_flow.rb:118:7:118:7 | a | pathname_flow.rb:118:7:118:19 | call to join |
| pathname_flow.rb:118:7:118:19 | call to join | pathname_flow.rb:118:3:118:3 | g |
| pathname_flow.rb:119:8:119:8 | g | pathname_flow.rb:119:8:119:17 | call to realpath |
| pathname_flow.rb:121:3:121:3 | h | pathname_flow.rb:122:8:122:8 | h |
| pathname_flow.rb:121:7:121:7 | a | pathname_flow.rb:121:7:121:16 | call to realpath |
| pathname_flow.rb:121:7:121:16 | call to realpath | pathname_flow.rb:121:3:121:3 | h |
| pathname_flow.rb:122:8:122:8 | h | pathname_flow.rb:122:8:122:17 | call to realpath |
| pathname_flow.rb:124:3:124:3 | i | pathname_flow.rb:125:8:125:8 | i |
| pathname_flow.rb:124:7:124:7 | a | pathname_flow.rb:124:7:124:38 | call to relative_path_from |
| pathname_flow.rb:124:7:124:38 | call to relative_path_from | pathname_flow.rb:124:3:124:3 | i |
| pathname_flow.rb:125:8:125:8 | i | pathname_flow.rb:125:8:125:17 | call to realpath |
| pathname_flow.rb:127:3:127:3 | j | pathname_flow.rb:128:8:128:8 | j |
| pathname_flow.rb:127:7:127:7 | a | pathname_flow.rb:127:7:127:25 | call to sub |
| pathname_flow.rb:127:7:127:25 | call to sub | pathname_flow.rb:127:3:127:3 | j |
| pathname_flow.rb:128:8:128:8 | j | pathname_flow.rb:128:8:128:17 | call to realpath |
| pathname_flow.rb:130:3:130:3 | k | pathname_flow.rb:131:8:131:8 | k |
| pathname_flow.rb:130:7:130:7 | a | pathname_flow.rb:130:7:130:23 | call to sub_ext |
| pathname_flow.rb:130:7:130:23 | call to sub_ext | pathname_flow.rb:130:3:130:3 | k |
| pathname_flow.rb:131:8:131:8 | k | pathname_flow.rb:131:8:131:17 | call to realpath |
| pathname_flow.rb:133:3:133:3 | l | pathname_flow.rb:134:8:134:8 | l |
| pathname_flow.rb:133:7:133:7 | a | pathname_flow.rb:133:7:133:15 | call to to_path |
| pathname_flow.rb:133:7:133:15 | call to to_path | pathname_flow.rb:133:3:133:3 | l |
| pathname_flow.rb:134:8:134:8 | l | pathname_flow.rb:134:8:134:17 | call to realpath |
nodes
| pathname_flow.rb:4:5:4:6 | pn | semmle.label | pn |
| pathname_flow.rb:4:10:4:33 | call to new | semmle.label | call to new |
| pathname_flow.rb:4:23:4:32 | call to source | semmle.label | call to source |
| pathname_flow.rb:5:10:5:11 | pn | semmle.label | pn |
| pathname_flow.rb:9:3:9:3 | a | semmle.label | a |
| pathname_flow.rb:9:7:9:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:9:20:9:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:10:3:10:3 | b | semmle.label | b |
| pathname_flow.rb:10:7:10:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:10:20:10:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:11:8:11:12 | ... + ... | semmle.label | ... + ... |
| pathname_flow.rb:15:3:15:4 | pn | semmle.label | pn |
| pathname_flow.rb:15:8:15:31 | call to new | semmle.label | call to new |
| pathname_flow.rb:15:21:15:30 | call to source | semmle.label | call to source |
| pathname_flow.rb:16:8:16:9 | pn | semmle.label | pn |
| pathname_flow.rb:16:8:16:17 | call to dirname | semmle.label | call to dirname |
| pathname_flow.rb:20:3:20:3 | a | semmle.label | a |
| pathname_flow.rb:20:7:20:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:20:20:20:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:21:3:21:3 | a | semmle.label | a |
| pathname_flow.rb:21:23:21:23 | x | semmle.label | x |
| pathname_flow.rb:22:10:22:10 | x | semmle.label | x |
| pathname_flow.rb:27:3:27:3 | a | semmle.label | a |
| pathname_flow.rb:27:7:27:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:27:20:27:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:28:8:28:8 | a | semmle.label | a |
| pathname_flow.rb:28:8:28:22 | call to expand_path | semmle.label | call to expand_path |
| pathname_flow.rb:32:3:32:3 | a | semmle.label | a |
| pathname_flow.rb:32:7:32:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:32:20:32:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:34:3:34:3 | c | semmle.label | c |
| pathname_flow.rb:34:7:34:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:34:20:34:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:35:8:35:8 | a | semmle.label | a |
| pathname_flow.rb:35:8:35:19 | call to join | semmle.label | call to join |
| pathname_flow.rb:35:18:35:18 | c | semmle.label | c |
| pathname_flow.rb:39:3:39:3 | a | semmle.label | a |
| pathname_flow.rb:39:7:39:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:39:20:39:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:40:8:40:8 | a | semmle.label | a |
| pathname_flow.rb:40:8:40:17 | call to parent | semmle.label | call to parent |
| pathname_flow.rb:44:3:44:3 | a | semmle.label | a |
| pathname_flow.rb:44:7:44:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:44:20:44:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:45:8:45:8 | a | semmle.label | a |
| pathname_flow.rb:45:8:45:19 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:49:3:49:3 | a | semmle.label | a |
| pathname_flow.rb:49:7:49:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:49:20:49:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:50:8:50:8 | a | semmle.label | a |
| pathname_flow.rb:50:8:50:39 | call to relative_path_from | semmle.label | call to relative_path_from |
| pathname_flow.rb:54:3:54:3 | a | semmle.label | a |
| pathname_flow.rb:54:7:54:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:54:20:54:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:55:8:55:8 | a | semmle.label | a |
| pathname_flow.rb:55:8:55:16 | call to to_path | semmle.label | call to to_path |
| pathname_flow.rb:59:3:59:3 | a | semmle.label | a |
| pathname_flow.rb:59:7:59:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:59:20:59:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:60:8:60:8 | a | semmle.label | a |
| pathname_flow.rb:60:8:60:13 | call to to_s | semmle.label | call to to_s |
| pathname_flow.rb:64:3:64:3 | a | semmle.label | a |
| pathname_flow.rb:64:7:64:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:64:20:64:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:65:3:65:3 | b | semmle.label | b |
| pathname_flow.rb:66:8:66:8 | b | semmle.label | b |
| pathname_flow.rb:70:3:70:3 | a | semmle.label | a |
| pathname_flow.rb:70:7:70:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:70:20:70:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:71:3:71:3 | b | semmle.label | b |
| pathname_flow.rb:72:8:72:8 | b | semmle.label | b |
| pathname_flow.rb:76:3:76:3 | a | semmle.label | a |
| pathname_flow.rb:76:7:76:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:76:20:76:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:77:3:77:3 | b | semmle.label | b |
| pathname_flow.rb:77:7:77:7 | a | semmle.label | a |
| pathname_flow.rb:77:7:77:16 | call to basename | semmle.label | call to basename |
| pathname_flow.rb:78:8:78:8 | b | semmle.label | b |
| pathname_flow.rb:82:3:82:3 | a | semmle.label | a |
| pathname_flow.rb:82:7:82:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:82:20:82:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:83:3:83:3 | b | semmle.label | b |
| pathname_flow.rb:83:7:83:7 | a | semmle.label | a |
| pathname_flow.rb:83:7:83:17 | call to cleanpath | semmle.label | call to cleanpath |
| pathname_flow.rb:84:8:84:8 | b | semmle.label | b |
| pathname_flow.rb:88:3:88:3 | a | semmle.label | a |
| pathname_flow.rb:88:7:88:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:88:20:88:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:89:3:89:3 | b | semmle.label | b |
| pathname_flow.rb:89:7:89:7 | a | semmle.label | a |
| pathname_flow.rb:89:7:89:25 | call to sub | semmle.label | call to sub |
| pathname_flow.rb:90:8:90:8 | b | semmle.label | b |
| pathname_flow.rb:94:3:94:3 | a | semmle.label | a |
| pathname_flow.rb:94:7:94:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:94:20:94:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:95:3:95:3 | b | semmle.label | b |
| pathname_flow.rb:95:7:95:7 | a | semmle.label | a |
| pathname_flow.rb:95:7:95:23 | call to sub_ext | semmle.label | call to sub_ext |
| pathname_flow.rb:96:8:96:8 | b | semmle.label | b |
| pathname_flow.rb:101:3:101:3 | a | semmle.label | a |
| pathname_flow.rb:101:7:101:30 | call to new | semmle.label | call to new |
| pathname_flow.rb:101:20:101:29 | call to source | semmle.label | call to source |
| pathname_flow.rb:103:3:103:3 | b | semmle.label | b |
| pathname_flow.rb:104:8:104:8 | b | semmle.label | b |
| pathname_flow.rb:104:8:104:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:106:3:106:3 | c | semmle.label | c |
| pathname_flow.rb:107:8:107:8 | c | semmle.label | c |
| pathname_flow.rb:107:8:107:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:109:3:109:3 | d | semmle.label | d |
| pathname_flow.rb:109:7:109:7 | a | semmle.label | a |
| pathname_flow.rb:109:7:109:16 | call to basename | semmle.label | call to basename |
| pathname_flow.rb:110:8:110:8 | d | semmle.label | d |
| pathname_flow.rb:110:8:110:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:112:3:112:3 | e | semmle.label | e |
| pathname_flow.rb:112:7:112:7 | a | semmle.label | a |
| pathname_flow.rb:112:7:112:17 | call to cleanpath | semmle.label | call to cleanpath |
| pathname_flow.rb:113:8:113:8 | e | semmle.label | e |
| pathname_flow.rb:113:8:113:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:115:3:115:3 | f | semmle.label | f |
| pathname_flow.rb:115:7:115:7 | a | semmle.label | a |
| pathname_flow.rb:115:7:115:19 | call to expand_path | semmle.label | call to expand_path |
| pathname_flow.rb:116:8:116:8 | f | semmle.label | f |
| pathname_flow.rb:116:8:116:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:118:3:118:3 | g | semmle.label | g |
| pathname_flow.rb:118:7:118:7 | a | semmle.label | a |
| pathname_flow.rb:118:7:118:19 | call to join | semmle.label | call to join |
| pathname_flow.rb:119:8:119:8 | g | semmle.label | g |
| pathname_flow.rb:119:8:119:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:121:3:121:3 | h | semmle.label | h |
| pathname_flow.rb:121:7:121:7 | a | semmle.label | a |
| pathname_flow.rb:121:7:121:16 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:122:8:122:8 | h | semmle.label | h |
| pathname_flow.rb:122:8:122:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:124:3:124:3 | i | semmle.label | i |
| pathname_flow.rb:124:7:124:7 | a | semmle.label | a |
| pathname_flow.rb:124:7:124:38 | call to relative_path_from | semmle.label | call to relative_path_from |
| pathname_flow.rb:125:8:125:8 | i | semmle.label | i |
| pathname_flow.rb:125:8:125:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:127:3:127:3 | j | semmle.label | j |
| pathname_flow.rb:127:7:127:7 | a | semmle.label | a |
| pathname_flow.rb:127:7:127:25 | call to sub | semmle.label | call to sub |
| pathname_flow.rb:128:8:128:8 | j | semmle.label | j |
| pathname_flow.rb:128:8:128:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:130:3:130:3 | k | semmle.label | k |
| pathname_flow.rb:130:7:130:7 | a | semmle.label | a |
| pathname_flow.rb:130:7:130:23 | call to sub_ext | semmle.label | call to sub_ext |
| pathname_flow.rb:131:8:131:8 | k | semmle.label | k |
| pathname_flow.rb:131:8:131:17 | call to realpath | semmle.label | call to realpath |
| pathname_flow.rb:133:3:133:3 | l | semmle.label | l |
| pathname_flow.rb:133:7:133:7 | a | semmle.label | a |
| pathname_flow.rb:133:7:133:15 | call to to_path | semmle.label | call to to_path |
| pathname_flow.rb:134:8:134:8 | l | semmle.label | l |
| pathname_flow.rb:134:8:134:17 | call to realpath | semmle.label | call to realpath |
subpaths
#select


@@ -5,7 +5,7 @@
import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import DefaultFlowTest
import PathGraph
import ValueFlow::PathGraph
from ValueFlow::PathNode source, ValueFlow::PathNode sink
where ValueFlow::flowPath(source, sink)
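Review bot: The path graph imported here is `ValueFlow::PathGraph` and the `from`/`where` lines select `ValueFlow::flowPath`, so this query records value-flow paths only. If this is the query behind the preceding expected file, whose hunk header shrinks it from 294 lines to 5 and whose listed rows are all `pathname_flow.rb` edges and nodes, the expected output no longer pins any edge or node for those flows, and presumably only the inline expectations would catch a regression in the Pathname flow models. Consider `import TaintFlow::PathGraph` with `from TaintFlow::PathNode source, TaintFlow::PathNode sink` and `where TaintFlow::flowPath(source, sink)`, as the earlier hunk that imports `TaintFlow::PathGraph` does, or add a comment above the import stating that an empty path graph is intended for this test. The `select` clause lies outside the hunk, so its columns could not be checked.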


@@ -1,20 +1,12 @@
failures
testFailures
edges
| ssa_flow.rb:12:9:12:9 | [post] a [element 0] | ssa_flow.rb:16:10:16:10 | a [element 0] |
| ssa_flow.rb:12:9:12:9 | [post] a [element 0] | ssa_flow.rb:16:10:16:10 | a [element 0] |
| ssa_flow.rb:12:16:12:23 | call to taint | ssa_flow.rb:12:9:12:9 | [post] a [element 0] |
| ssa_flow.rb:12:16:12:23 | call to taint | ssa_flow.rb:12:9:12:9 | [post] a [element 0] |
| ssa_flow.rb:16:10:16:10 | a [element 0] | ssa_flow.rb:16:10:16:13 | ...[...] |
| ssa_flow.rb:16:10:16:10 | a [element 0] | ssa_flow.rb:16:10:16:13 | ...[...] |
nodes
| ssa_flow.rb:12:9:12:9 | [post] a [element 0] | semmle.label | [post] a [element 0] |
| ssa_flow.rb:12:9:12:9 | [post] a [element 0] | semmle.label | [post] a [element 0] |
| ssa_flow.rb:12:16:12:23 | call to taint | semmle.label | call to taint |
| ssa_flow.rb:12:16:12:23 | call to taint | semmle.label | call to taint |
| ssa_flow.rb:16:10:16:10 | a [element 0] | semmle.label | a [element 0] |
| ssa_flow.rb:16:10:16:10 | a [element 0] | semmle.label | a [element 0] |
| ssa_flow.rb:16:10:16:13 | ...[...] | semmle.label | ...[...] |
| ssa_flow.rb:16:10:16:13 | ...[...] | semmle.label | ...[...] |
subpaths
#select


@@ -5,7 +5,7 @@
import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import DefaultFlowTest
import PathGraph
import ValueFlow::PathGraph
from ValueFlow::PathNode source, ValueFlow::PathNode sink
where ValueFlow::flowPath(source, sink)


@@ -1,766 +1,33 @@
failures
testFailures
| string_flow.rb:85:10:85:10 | a | Unexpected result: hasValueFlow=a |
| string_flow.rb:227:10:227:10 | a | Unexpected result: hasValueFlow=a |
edges
| string_flow.rb:2:5:2:5 | a | string_flow.rb:3:21:3:21 | a |
| string_flow.rb:2:5:2:5 | a | string_flow.rb:3:21:3:21 | a |
| string_flow.rb:2:9:2:18 | call to source | string_flow.rb:2:5:2:5 | a |
| string_flow.rb:2:9:2:18 | call to source | string_flow.rb:2:5:2:5 | a |
| string_flow.rb:3:21:3:21 | a | string_flow.rb:3:10:3:22 | call to new |
| string_flow.rb:3:21:3:21 | a | string_flow.rb:3:10:3:22 | call to new |
| string_flow.rb:7:5:7:5 | a | string_flow.rb:9:29:9:29 | a |
| string_flow.rb:7:9:7:18 | call to source | string_flow.rb:7:5:7:5 | a |
| string_flow.rb:8:5:8:5 | b | string_flow.rb:10:29:10:29 | b |
| string_flow.rb:8:9:8:16 | call to source | string_flow.rb:8:5:8:5 | b |
| string_flow.rb:9:29:9:29 | a | string_flow.rb:9:10:9:30 | call to try_convert |
| string_flow.rb:10:29:10:29 | b | string_flow.rb:10:10:10:30 | call to try_convert |
| string_flow.rb:14:5:14:5 | a | string_flow.rb:15:10:15:17 | ... % ... |
| string_flow.rb:14:5:14:5 | a | string_flow.rb:15:17:15:17 | a |
| string_flow.rb:14:5:14:5 | a | string_flow.rb:16:10:16:29 | ... % ... |
| string_flow.rb:14:5:14:5 | a | string_flow.rb:16:28:16:28 | a |
| string_flow.rb:14:5:14:5 | a | string_flow.rb:17:10:17:10 | a |
| string_flow.rb:14:5:14:5 | a | string_flow.rb:17:10:17:18 | ... % ... |
| string_flow.rb:14:9:14:18 | call to source | string_flow.rb:14:5:14:5 | a |
| string_flow.rb:15:17:15:17 | a | string_flow.rb:15:10:15:17 | ... % ... |
| string_flow.rb:16:28:16:28 | a | string_flow.rb:16:10:16:29 | ... % ... |
| string_flow.rb:17:10:17:10 | a | string_flow.rb:17:10:17:18 | ... % ... |
| string_flow.rb:21:5:21:5 | a | string_flow.rb:22:5:22:5 | b |
| string_flow.rb:21:9:21:18 | call to source | string_flow.rb:21:5:21:5 | a |
| string_flow.rb:22:5:22:5 | b | string_flow.rb:23:10:23:10 | b |
| string_flow.rb:27:5:27:5 | a | string_flow.rb:28:5:28:5 | b |
| string_flow.rb:27:9:27:18 | call to source | string_flow.rb:27:5:27:5 | a |
| string_flow.rb:28:5:28:5 | b | string_flow.rb:29:10:29:10 | b |
| string_flow.rb:33:5:33:5 | a | string_flow.rb:34:5:34:5 | b |
| string_flow.rb:33:5:33:5 | a | string_flow.rb:36:5:36:5 | c |
| string_flow.rb:33:9:33:18 | call to source | string_flow.rb:33:5:33:5 | a |
| string_flow.rb:34:5:34:5 | b | string_flow.rb:35:10:35:10 | b |
| string_flow.rb:36:5:36:5 | c | string_flow.rb:37:10:37:10 | c |
| string_flow.rb:41:5:41:5 | a | string_flow.rb:42:10:42:10 | a |
| string_flow.rb:41:9:41:18 | call to source | string_flow.rb:41:5:41:5 | a |
| string_flow.rb:42:10:42:10 | a | string_flow.rb:42:10:42:12 | call to b |
| string_flow.rb:46:5:46:5 | a | string_flow.rb:47:10:47:10 | a |
| string_flow.rb:46:5:46:5 | a | string_flow.rb:48:10:48:10 | a |
| string_flow.rb:46:5:46:5 | a | string_flow.rb:49:10:49:10 | a |
| string_flow.rb:46:9:46:18 | call to source | string_flow.rb:46:5:46:5 | a |
| string_flow.rb:47:10:47:10 | a | string_flow.rb:47:10:47:23 | call to byteslice |
| string_flow.rb:48:10:48:10 | a | string_flow.rb:48:10:48:26 | call to byteslice |
| string_flow.rb:49:10:49:10 | a | string_flow.rb:49:10:49:26 | call to byteslice |
| string_flow.rb:53:5:53:5 | a | string_flow.rb:54:10:54:10 | a |
| string_flow.rb:53:5:53:5 | a | string_flow.rb:55:10:55:10 | a |
| string_flow.rb:53:9:53:18 | call to source | string_flow.rb:53:5:53:5 | a |
| string_flow.rb:54:10:54:10 | a | string_flow.rb:54:10:54:21 | call to capitalize |
| string_flow.rb:55:10:55:10 | a | string_flow.rb:55:10:55:22 | call to capitalize! |
| string_flow.rb:59:5:59:5 | a | string_flow.rb:60:10:60:10 | a |
| string_flow.rb:59:5:59:5 | a | string_flow.rb:61:27:61:27 | a |
| string_flow.rb:59:5:59:5 | a | string_flow.rb:62:10:62:10 | a |
| string_flow.rb:59:5:59:5 | a | string_flow.rb:63:26:63:26 | a |
| string_flow.rb:59:5:59:5 | a | string_flow.rb:64:10:64:10 | a |
| string_flow.rb:59:5:59:5 | a | string_flow.rb:65:26:65:26 | a |
| string_flow.rb:59:9:59:18 | call to source | string_flow.rb:59:5:59:5 | a |
| string_flow.rb:60:10:60:10 | a | string_flow.rb:60:10:60:21 | call to center |
| string_flow.rb:61:27:61:27 | a | string_flow.rb:61:10:61:28 | call to center |
| string_flow.rb:62:10:62:10 | a | string_flow.rb:62:10:62:20 | call to ljust |
| string_flow.rb:63:26:63:26 | a | string_flow.rb:63:10:63:27 | call to ljust |
| string_flow.rb:64:10:64:10 | a | string_flow.rb:64:10:64:20 | call to rjust |
| string_flow.rb:65:26:65:26 | a | string_flow.rb:65:10:65:27 | call to rjust |
| string_flow.rb:69:5:69:5 | a | string_flow.rb:70:10:70:10 | a |
| string_flow.rb:69:5:69:5 | a | string_flow.rb:71:10:71:10 | a |
| string_flow.rb:69:9:69:18 | call to source | string_flow.rb:69:5:69:5 | a |
| string_flow.rb:70:10:70:10 | a | string_flow.rb:70:10:70:16 | call to chomp |
| string_flow.rb:71:10:71:10 | a | string_flow.rb:71:10:71:17 | call to chomp! |
| string_flow.rb:75:5:75:5 | a | string_flow.rb:76:10:76:10 | a |
| string_flow.rb:75:5:75:5 | a | string_flow.rb:77:10:77:10 | a |
| string_flow.rb:75:9:75:18 | call to source | string_flow.rb:75:5:75:5 | a |
| string_flow.rb:76:10:76:10 | a | string_flow.rb:76:10:76:15 | call to chop |
| string_flow.rb:77:10:77:10 | a | string_flow.rb:77:10:77:16 | call to chop! |
| string_flow.rb:83:5:83:5 | a | string_flow.rb:84:5:84:5 | a |
| string_flow.rb:83:5:83:5 | a | string_flow.rb:84:5:84:5 | a |
| string_flow.rb:83:9:83:18 | call to source | string_flow.rb:83:5:83:5 | a |
| string_flow.rb:83:9:83:18 | call to source | string_flow.rb:83:5:83:5 | a |
| string_flow.rb:84:5:84:5 | [post] a | string_flow.rb:85:10:85:10 | a |
| string_flow.rb:84:5:84:5 | [post] a | string_flow.rb:85:10:85:10 | a |
| string_flow.rb:84:5:84:5 | a | string_flow.rb:84:5:84:5 | [post] a |
| string_flow.rb:84:5:84:5 | a | string_flow.rb:84:5:84:5 | [post] a |
| string_flow.rb:108:5:108:5 | a | string_flow.rb:109:10:109:10 | a |
| string_flow.rb:108:9:108:18 | call to source | string_flow.rb:108:5:108:5 | a |
| string_flow.rb:109:10:109:10 | [post] a | string_flow.rb:110:10:110:10 | a |
| string_flow.rb:109:10:109:10 | [post] a | string_flow.rb:111:10:111:10 | a |
| string_flow.rb:109:10:109:10 | a | string_flow.rb:109:10:109:10 | [post] a |
| string_flow.rb:109:10:109:10 | a | string_flow.rb:109:10:109:22 | call to delete |
| string_flow.rb:110:10:110:10 | a | string_flow.rb:110:10:110:29 | call to delete_prefix |
| string_flow.rb:111:10:111:10 | a | string_flow.rb:111:10:111:29 | call to delete_suffix |
| string_flow.rb:115:5:115:5 | a | string_flow.rb:116:10:116:10 | a |
| string_flow.rb:115:5:115:5 | a | string_flow.rb:117:10:117:10 | a |
| string_flow.rb:115:5:115:5 | a | string_flow.rb:118:10:118:10 | a |
| string_flow.rb:115:5:115:5 | a | string_flow.rb:119:10:119:10 | a |
| string_flow.rb:115:5:115:5 | a | string_flow.rb:120:10:120:10 | a |
| string_flow.rb:115:5:115:5 | a | string_flow.rb:121:10:121:10 | a |
| string_flow.rb:115:9:115:18 | call to source | string_flow.rb:115:5:115:5 | a |
| string_flow.rb:116:10:116:10 | a | string_flow.rb:116:10:116:19 | call to downcase |
| string_flow.rb:117:10:117:10 | a | string_flow.rb:117:10:117:20 | call to downcase! |
| string_flow.rb:118:10:118:10 | a | string_flow.rb:118:10:118:19 | call to swapcase |
| string_flow.rb:119:10:119:10 | a | string_flow.rb:119:10:119:20 | call to swapcase! |
| string_flow.rb:120:10:120:10 | a | string_flow.rb:120:10:120:17 | call to upcase |
| string_flow.rb:121:10:121:10 | a | string_flow.rb:121:10:121:18 | call to upcase! |
| string_flow.rb:125:5:125:5 | a | string_flow.rb:126:9:126:9 | a |
| string_flow.rb:125:9:125:18 | call to source | string_flow.rb:125:5:125:5 | a |
| string_flow.rb:126:5:126:5 | b | string_flow.rb:127:10:127:10 | b |
| string_flow.rb:126:5:126:5 | b | string_flow.rb:128:10:128:10 | b |
| string_flow.rb:126:9:126:9 | a | string_flow.rb:126:9:126:14 | call to dump |
| string_flow.rb:126:9:126:14 | call to dump | string_flow.rb:126:5:126:5 | b |
| string_flow.rb:128:10:128:10 | b | string_flow.rb:128:10:128:17 | call to undump |
| string_flow.rb:132:5:132:5 | a | string_flow.rb:133:9:133:9 | a |
| string_flow.rb:132:5:132:5 | a | string_flow.rb:135:9:135:9 | a |
| string_flow.rb:132:9:132:18 | call to source | string_flow.rb:132:5:132:5 | a |
| string_flow.rb:133:5:133:5 | b | string_flow.rb:134:10:134:10 | b |
| string_flow.rb:133:9:133:9 | a | string_flow.rb:133:9:133:40 | call to each_line |
| string_flow.rb:133:9:133:9 | a | string_flow.rb:133:24:133:27 | line |
| string_flow.rb:133:9:133:40 | call to each_line | string_flow.rb:133:5:133:5 | b |
| string_flow.rb:133:24:133:27 | line | string_flow.rb:133:35:133:38 | line |
| string_flow.rb:135:5:135:5 | c [element] | string_flow.rb:136:10:136:10 | c [element] |
| string_flow.rb:135:9:135:9 | a | string_flow.rb:135:9:135:19 | call to each_line [element] |
| string_flow.rb:135:9:135:19 | call to each_line [element] | string_flow.rb:135:5:135:5 | c [element] |
| string_flow.rb:136:10:136:10 | c [element] | string_flow.rb:136:10:136:15 | call to to_a [element] |
| string_flow.rb:136:10:136:15 | call to to_a [element] | string_flow.rb:136:10:136:18 | ...[...] |
| string_flow.rb:140:5:140:5 | a | string_flow.rb:141:9:141:9 | a |
| string_flow.rb:140:5:140:5 | a | string_flow.rb:143:9:143:9 | a |
| string_flow.rb:140:9:140:18 | call to source | string_flow.rb:140:5:140:5 | a |
| string_flow.rb:141:5:141:5 | b | string_flow.rb:142:10:142:10 | b |
| string_flow.rb:141:9:141:9 | a | string_flow.rb:141:9:141:36 | call to lines |
| string_flow.rb:141:9:141:9 | a | string_flow.rb:141:20:141:23 | line |
| string_flow.rb:141:9:141:36 | call to lines | string_flow.rb:141:5:141:5 | b |
| string_flow.rb:141:20:141:23 | line | string_flow.rb:141:31:141:34 | line |
| string_flow.rb:143:5:143:5 | c [element] | string_flow.rb:144:10:144:10 | c [element] |
| string_flow.rb:143:9:143:9 | a | string_flow.rb:143:9:143:15 | call to lines [element] |
| string_flow.rb:143:9:143:15 | call to lines [element] | string_flow.rb:143:5:143:5 | c [element] |
| string_flow.rb:144:10:144:10 | c [element] | string_flow.rb:144:10:144:13 | ...[...] |
| string_flow.rb:148:5:148:5 | a | string_flow.rb:149:10:149:10 | a |
| string_flow.rb:148:5:148:5 | a | string_flow.rb:150:10:150:10 | a |
| string_flow.rb:148:5:148:5 | a | string_flow.rb:151:10:151:10 | a |
| string_flow.rb:148:5:148:5 | a | string_flow.rb:152:10:152:10 | a |
| string_flow.rb:148:9:148:18 | call to source | string_flow.rb:148:5:148:5 | a |
| string_flow.rb:149:10:149:10 | a | string_flow.rb:149:10:149:26 | call to encode |
| string_flow.rb:150:10:150:10 | a | string_flow.rb:150:10:150:27 | call to encode! |
| string_flow.rb:151:10:151:10 | a | string_flow.rb:151:10:151:28 | call to unicode_normalize |
| string_flow.rb:152:10:152:10 | a | string_flow.rb:152:10:152:29 | call to unicode_normalize! |
| string_flow.rb:156:5:156:5 | a | string_flow.rb:157:10:157:10 | a |
| string_flow.rb:156:9:156:18 | call to source | string_flow.rb:156:5:156:5 | a |
| string_flow.rb:157:10:157:10 | a | string_flow.rb:157:10:157:34 | call to force_encoding |
| string_flow.rb:161:5:161:5 | a | string_flow.rb:162:10:162:10 | a |
| string_flow.rb:161:9:161:18 | call to source | string_flow.rb:161:5:161:5 | a |
| string_flow.rb:162:10:162:10 | a | string_flow.rb:162:10:162:17 | call to freeze |
| string_flow.rb:166:5:166:5 | a | string_flow.rb:168:10:168:10 | a |
| string_flow.rb:166:5:166:5 | a | string_flow.rb:169:10:169:10 | a |
| string_flow.rb:166:5:166:5 | a | string_flow.rb:170:10:170:10 | a |
| string_flow.rb:166:5:166:5 | a | string_flow.rb:171:10:171:10 | a |
| string_flow.rb:166:9:166:18 | call to source | string_flow.rb:166:5:166:5 | a |
| string_flow.rb:167:5:167:5 | c | string_flow.rb:168:22:168:22 | c |
| string_flow.rb:167:5:167:5 | c | string_flow.rb:169:23:169:23 | c |
| string_flow.rb:167:9:167:18 | call to source | string_flow.rb:167:5:167:5 | c |
| string_flow.rb:168:10:168:10 | a | string_flow.rb:168:10:168:23 | call to gsub |
| string_flow.rb:168:22:168:22 | c | string_flow.rb:168:10:168:23 | call to gsub |
| string_flow.rb:169:10:169:10 | a | string_flow.rb:169:10:169:24 | call to gsub! |
| string_flow.rb:169:23:169:23 | c | string_flow.rb:169:10:169:24 | call to gsub! |
| string_flow.rb:170:10:170:10 | a | string_flow.rb:170:10:170:43 | call to gsub |
| string_flow.rb:170:32:170:41 | call to source | string_flow.rb:170:10:170:43 | call to gsub |
| string_flow.rb:171:10:171:10 | a | string_flow.rb:171:10:171:44 | call to gsub! |
| string_flow.rb:171:33:171:42 | call to source | string_flow.rb:171:10:171:44 | call to gsub! |
| string_flow.rb:175:5:175:5 | a | string_flow.rb:177:10:177:10 | a |
| string_flow.rb:175:5:175:5 | a | string_flow.rb:178:10:178:10 | a |
| string_flow.rb:175:5:175:5 | a | string_flow.rb:179:10:179:10 | a |
| string_flow.rb:175:5:175:5 | a | string_flow.rb:180:10:180:10 | a |
| string_flow.rb:175:9:175:18 | call to source | string_flow.rb:175:5:175:5 | a |
| string_flow.rb:176:5:176:5 | c | string_flow.rb:177:21:177:21 | c |
| string_flow.rb:176:5:176:5 | c | string_flow.rb:178:22:178:22 | c |
| string_flow.rb:176:9:176:18 | call to source | string_flow.rb:176:5:176:5 | c |
| string_flow.rb:177:10:177:10 | a | string_flow.rb:177:10:177:22 | call to sub |
| string_flow.rb:177:21:177:21 | c | string_flow.rb:177:10:177:22 | call to sub |
| string_flow.rb:178:10:178:10 | a | string_flow.rb:178:10:178:23 | call to sub! |
| string_flow.rb:178:22:178:22 | c | string_flow.rb:178:10:178:23 | call to sub! |
| string_flow.rb:179:10:179:10 | a | string_flow.rb:179:10:179:42 | call to sub |
| string_flow.rb:179:31:179:40 | call to source | string_flow.rb:179:10:179:42 | call to sub |
| string_flow.rb:180:10:180:10 | a | string_flow.rb:180:10:180:43 | call to sub! |
| string_flow.rb:180:32:180:41 | call to source | string_flow.rb:180:10:180:43 | call to sub! |
| string_flow.rb:191:5:191:5 | a | string_flow.rb:192:10:192:10 | a |
| string_flow.rb:191:9:191:18 | call to source | string_flow.rb:191:5:191:5 | a |
| string_flow.rb:192:10:192:10 | a | string_flow.rb:192:10:192:18 | call to inspect |
| string_flow.rb:196:5:196:5 | a | string_flow.rb:197:10:197:10 | a |
| string_flow.rb:196:5:196:5 | a | string_flow.rb:198:10:198:10 | a |
| string_flow.rb:196:5:196:5 | a | string_flow.rb:199:10:199:10 | a |
| string_flow.rb:196:5:196:5 | a | string_flow.rb:200:10:200:10 | a |
| string_flow.rb:196:5:196:5 | a | string_flow.rb:201:10:201:10 | a |
| string_flow.rb:196:5:196:5 | a | string_flow.rb:202:10:202:10 | a |
| string_flow.rb:196:9:196:18 | call to source | string_flow.rb:196:5:196:5 | a |
| string_flow.rb:197:10:197:10 | a | string_flow.rb:197:10:197:16 | call to strip |
| string_flow.rb:198:10:198:10 | a | string_flow.rb:198:10:198:17 | call to strip! |
| string_flow.rb:199:10:199:10 | a | string_flow.rb:199:10:199:17 | call to lstrip |
| string_flow.rb:200:10:200:10 | a | string_flow.rb:200:10:200:18 | call to lstrip! |
| string_flow.rb:201:10:201:10 | a | string_flow.rb:201:10:201:17 | call to rstrip |
| string_flow.rb:202:10:202:10 | a | string_flow.rb:202:10:202:18 | call to rstrip! |
| string_flow.rb:206:5:206:5 | a | string_flow.rb:207:10:207:10 | a |
| string_flow.rb:206:5:206:5 | a | string_flow.rb:208:10:208:10 | a |
| string_flow.rb:206:5:206:5 | a | string_flow.rb:209:10:209:10 | a |
| string_flow.rb:206:5:206:5 | a | string_flow.rb:210:10:210:10 | a |
| string_flow.rb:206:9:206:18 | call to source | string_flow.rb:206:5:206:5 | a |
| string_flow.rb:207:10:207:10 | a | string_flow.rb:207:10:207:15 | call to next |
| string_flow.rb:208:10:208:10 | a | string_flow.rb:208:10:208:16 | call to next! |
| string_flow.rb:209:10:209:10 | a | string_flow.rb:209:10:209:15 | call to succ |
| string_flow.rb:210:10:210:10 | a | string_flow.rb:210:10:210:16 | call to succ! |
| string_flow.rb:214:5:214:5 | a | string_flow.rb:215:9:215:9 | a |
| string_flow.rb:214:9:214:18 | call to source | string_flow.rb:214:5:214:5 | a |
| string_flow.rb:215:5:215:5 | b [element 0] | string_flow.rb:216:10:216:10 | b [element 0] |
| string_flow.rb:215:5:215:5 | b [element 1] | string_flow.rb:217:10:217:10 | b [element 1] |
| string_flow.rb:215:5:215:5 | b [element 2] | string_flow.rb:218:10:218:10 | b [element 2] |
| string_flow.rb:215:9:215:9 | a | string_flow.rb:215:9:215:24 | call to partition [element 0] |
| string_flow.rb:215:9:215:9 | a | string_flow.rb:215:9:215:24 | call to partition [element 1] |
| string_flow.rb:215:9:215:9 | a | string_flow.rb:215:9:215:24 | call to partition [element 2] |
| string_flow.rb:215:9:215:24 | call to partition [element 0] | string_flow.rb:215:5:215:5 | b [element 0] |
| string_flow.rb:215:9:215:24 | call to partition [element 1] | string_flow.rb:215:5:215:5 | b [element 1] |
| string_flow.rb:215:9:215:24 | call to partition [element 2] | string_flow.rb:215:5:215:5 | b [element 2] |
| string_flow.rb:216:10:216:10 | b [element 0] | string_flow.rb:216:10:216:13 | ...[...] |
| string_flow.rb:217:10:217:10 | b [element 1] | string_flow.rb:217:10:217:13 | ...[...] |
| string_flow.rb:218:10:218:10 | b [element 2] | string_flow.rb:218:10:218:13 | ...[...] |
| string_flow.rb:223:5:223:5 | a | string_flow.rb:225:10:225:10 | a |
| string_flow.rb:223:5:223:5 | a | string_flow.rb:225:10:225:10 | a |
| string_flow.rb:223:9:223:18 | call to source | string_flow.rb:223:5:223:5 | a |
| string_flow.rb:223:9:223:18 | call to source | string_flow.rb:223:5:223:5 | a |
| string_flow.rb:224:5:224:5 | b | string_flow.rb:225:20:225:20 | b |
| string_flow.rb:224:9:224:18 | call to source | string_flow.rb:224:5:224:5 | b |
| string_flow.rb:225:10:225:10 | [post] a | string_flow.rb:227:10:227:10 | a |
| string_flow.rb:225:10:225:10 | [post] a | string_flow.rb:227:10:227:10 | a |
| string_flow.rb:225:10:225:10 | a | string_flow.rb:225:10:225:10 | [post] a |
| string_flow.rb:225:10:225:10 | a | string_flow.rb:225:10:225:10 | [post] a |
| string_flow.rb:225:20:225:20 | b | string_flow.rb:225:10:225:10 | [post] a |
| string_flow.rb:225:20:225:20 | b | string_flow.rb:225:10:225:21 | call to replace |
| string_flow.rb:231:5:231:5 | a | string_flow.rb:232:10:232:10 | a |
| string_flow.rb:231:9:231:18 | call to source | string_flow.rb:231:5:231:5 | a |
| string_flow.rb:232:10:232:10 | a | string_flow.rb:232:10:232:18 | call to reverse |
| string_flow.rb:236:5:236:5 | a | string_flow.rb:237:9:237:9 | a |
| string_flow.rb:236:5:236:5 | a | string_flow.rb:238:9:238:9 | a |
| string_flow.rb:236:5:236:5 | a | string_flow.rb:240:9:240:9 | a |
| string_flow.rb:236:9:236:18 | call to source | string_flow.rb:236:5:236:5 | a |
| string_flow.rb:237:9:237:9 | a | string_flow.rb:237:24:237:24 | x |
| string_flow.rb:237:24:237:24 | x | string_flow.rb:237:35:237:35 | x |
| string_flow.rb:238:5:238:5 | b | string_flow.rb:239:10:239:10 | b |
| string_flow.rb:238:9:238:9 | a | string_flow.rb:238:9:238:37 | call to scan |
| string_flow.rb:238:9:238:9 | a | string_flow.rb:238:27:238:27 | y |
| string_flow.rb:238:9:238:37 | call to scan | string_flow.rb:238:5:238:5 | b |
| string_flow.rb:238:27:238:27 | y | string_flow.rb:238:35:238:35 | y |
| string_flow.rb:240:5:240:5 | b [element] | string_flow.rb:241:10:241:10 | b [element] |
| string_flow.rb:240:5:240:5 | b [element] | string_flow.rb:242:10:242:10 | b [element] |
| string_flow.rb:240:9:240:9 | a | string_flow.rb:240:9:240:19 | call to scan [element] |
| string_flow.rb:240:9:240:19 | call to scan [element] | string_flow.rb:240:5:240:5 | b [element] |
| string_flow.rb:241:10:241:10 | b [element] | string_flow.rb:241:10:241:13 | ...[...] |
| string_flow.rb:242:10:242:10 | b [element] | string_flow.rb:242:10:242:13 | ...[...] |
| string_flow.rb:246:5:246:5 | a | string_flow.rb:247:10:247:10 | a |
| string_flow.rb:246:5:246:5 | a | string_flow.rb:248:20:248:20 | a |
| string_flow.rb:246:5:246:5 | a | string_flow.rb:249:5:249:5 | a |
| string_flow.rb:246:5:246:5 | a | string_flow.rb:250:26:250:26 | a |
| string_flow.rb:246:5:246:5 | a | string_flow.rb:252:10:252:10 | a |
| string_flow.rb:246:5:246:5 | a | string_flow.rb:253:21:253:21 | a |
| string_flow.rb:246:9:246:18 | call to source | string_flow.rb:246:5:246:5 | a |
| string_flow.rb:247:10:247:10 | a | string_flow.rb:247:10:247:21 | call to scrub |
| string_flow.rb:248:20:248:20 | a | string_flow.rb:248:10:248:21 | call to scrub |
| string_flow.rb:249:5:249:5 | a | string_flow.rb:249:16:249:16 | x |
| string_flow.rb:249:16:249:16 | x | string_flow.rb:249:24:249:24 | x |
| string_flow.rb:250:26:250:26 | a | string_flow.rb:250:10:250:28 | call to scrub |
| string_flow.rb:252:10:252:10 | a | string_flow.rb:252:10:252:22 | call to scrub! |
| string_flow.rb:253:21:253:21 | a | string_flow.rb:253:10:253:22 | call to scrub! |
| string_flow.rb:255:5:255:5 | a | string_flow.rb:256:5:256:5 | a |
| string_flow.rb:255:5:255:5 | a | string_flow.rb:258:27:258:27 | a |
| string_flow.rb:255:9:255:18 | call to source | string_flow.rb:255:5:255:5 | a |
| string_flow.rb:256:5:256:5 | a | string_flow.rb:256:17:256:17 | x |
| string_flow.rb:256:17:256:17 | x | string_flow.rb:256:25:256:25 | x |
| string_flow.rb:258:27:258:27 | a | string_flow.rb:258:10:258:29 | call to scrub! |
| string_flow.rb:262:5:262:5 | a | string_flow.rb:263:10:263:10 | a |
| string_flow.rb:262:9:262:18 | call to source | string_flow.rb:262:5:262:5 | a |
| string_flow.rb:263:10:263:10 | a | string_flow.rb:263:10:263:22 | call to shellescape |
| string_flow.rb:267:5:267:5 | a | string_flow.rb:268:9:268:9 | a |
| string_flow.rb:267:9:267:18 | call to source | string_flow.rb:267:5:267:5 | a |
| string_flow.rb:268:5:268:5 | b [element] | string_flow.rb:269:10:269:10 | b [element] |
| string_flow.rb:268:9:268:9 | a | string_flow.rb:268:9:268:20 | call to shellsplit [element] |
| string_flow.rb:268:9:268:20 | call to shellsplit [element] | string_flow.rb:268:5:268:5 | b [element] |
| string_flow.rb:269:10:269:10 | b [element] | string_flow.rb:269:10:269:13 | ...[...] |
| string_flow.rb:273:5:273:5 | a | string_flow.rb:274:9:274:9 | a |
| string_flow.rb:273:5:273:5 | a | string_flow.rb:277:9:277:9 | a |
| string_flow.rb:273:9:273:18 | call to source | string_flow.rb:273:5:273:5 | a |
| string_flow.rb:274:5:274:5 | b | string_flow.rb:275:10:275:10 | b |
| string_flow.rb:274:9:274:9 | a | string_flow.rb:274:9:274:18 | call to slice |
| string_flow.rb:274:9:274:18 | call to slice | string_flow.rb:274:5:274:5 | b |
| string_flow.rb:275:10:275:10 | b | string_flow.rb:275:10:275:13 | ...[...] |
| string_flow.rb:277:5:277:5 | b | string_flow.rb:278:10:278:10 | b |
| string_flow.rb:277:9:277:9 | [post] a | string_flow.rb:280:9:280:9 | a |
| string_flow.rb:277:9:277:9 | [post] a | string_flow.rb:283:9:283:9 | a |
| string_flow.rb:277:9:277:9 | [post] a [element 1] | string_flow.rb:283:9:283:9 | a [element 1] |
| string_flow.rb:277:9:277:9 | [post] a [element 2] | string_flow.rb:283:9:283:9 | a [element 2] |
| string_flow.rb:277:9:277:9 | [post] a [element] | string_flow.rb:283:9:283:9 | a [element] |
| string_flow.rb:277:9:277:9 | a | string_flow.rb:277:9:277:9 | [post] a |
| string_flow.rb:277:9:277:9 | a | string_flow.rb:277:9:277:9 | [post] a [element 1] |
| string_flow.rb:277:9:277:9 | a | string_flow.rb:277:9:277:9 | [post] a [element 2] |
| string_flow.rb:277:9:277:9 | a | string_flow.rb:277:9:277:9 | [post] a [element] |
| string_flow.rb:277:9:277:9 | a | string_flow.rb:277:9:277:19 | call to slice! |
| string_flow.rb:277:9:277:19 | call to slice! | string_flow.rb:277:5:277:5 | b |
| string_flow.rb:278:10:278:10 | b | string_flow.rb:278:10:278:13 | ...[...] |
| string_flow.rb:280:5:280:5 | b | string_flow.rb:281:10:281:10 | b |
| string_flow.rb:280:9:280:9 | a | string_flow.rb:280:9:280:20 | call to split |
| string_flow.rb:280:9:280:20 | call to split | string_flow.rb:280:5:280:5 | b |
| string_flow.rb:281:10:281:10 | b | string_flow.rb:281:10:281:13 | ...[...] |
| string_flow.rb:283:5:283:5 | b | string_flow.rb:284:10:284:10 | b |
| string_flow.rb:283:5:283:5 | b [element 0] | string_flow.rb:284:10:284:10 | b [element 0] |
| string_flow.rb:283:5:283:5 | b [element 1] | string_flow.rb:284:10:284:10 | b [element 1] |
| string_flow.rb:283:5:283:5 | b [element] | string_flow.rb:284:10:284:10 | b [element] |
| string_flow.rb:283:9:283:9 | a | string_flow.rb:283:9:283:14 | ...[...] |
| string_flow.rb:283:9:283:9 | a | string_flow.rb:283:9:283:14 | ...[...] [element 0] |
| string_flow.rb:283:9:283:9 | a | string_flow.rb:283:9:283:14 | ...[...] [element 1] |
| string_flow.rb:283:9:283:9 | a [element 1] | string_flow.rb:283:9:283:14 | ...[...] [element 0] |
| string_flow.rb:283:9:283:9 | a [element 2] | string_flow.rb:283:9:283:14 | ...[...] [element 1] |
| string_flow.rb:283:9:283:9 | a [element] | string_flow.rb:283:9:283:14 | ...[...] [element] |
| string_flow.rb:283:9:283:14 | ...[...] | string_flow.rb:283:5:283:5 | b |
| string_flow.rb:283:9:283:14 | ...[...] [element 0] | string_flow.rb:283:5:283:5 | b [element 0] |
| string_flow.rb:283:9:283:14 | ...[...] [element 1] | string_flow.rb:283:5:283:5 | b [element 1] |
| string_flow.rb:283:9:283:14 | ...[...] [element] | string_flow.rb:283:5:283:5 | b [element] |
| string_flow.rb:284:10:284:10 | b | string_flow.rb:284:10:284:13 | ...[...] |
| string_flow.rb:284:10:284:10 | b [element 0] | string_flow.rb:284:10:284:13 | ...[...] |
| string_flow.rb:284:10:284:10 | b [element 1] | string_flow.rb:284:10:284:13 | ...[...] |
| string_flow.rb:284:10:284:10 | b [element] | string_flow.rb:284:10:284:13 | ...[...] |
| string_flow.rb:288:5:288:5 | a | string_flow.rb:289:10:289:10 | a |
| string_flow.rb:288:5:288:5 | a | string_flow.rb:290:10:290:10 | a |
| string_flow.rb:288:5:288:5 | a | string_flow.rb:291:10:291:10 | a |
| string_flow.rb:288:5:288:5 | a | string_flow.rb:292:10:292:10 | a |
| string_flow.rb:288:9:288:18 | call to source | string_flow.rb:288:5:288:5 | a |
| string_flow.rb:289:10:289:10 | a | string_flow.rb:289:10:289:18 | call to squeeze |
| string_flow.rb:290:10:290:10 | a | string_flow.rb:290:10:290:23 | call to squeeze |
| string_flow.rb:291:10:291:10 | a | string_flow.rb:291:10:291:19 | call to squeeze! |
| string_flow.rb:292:10:292:10 | a | string_flow.rb:292:10:292:24 | call to squeeze! |
| string_flow.rb:296:5:296:5 | a | string_flow.rb:297:10:297:10 | a |
| string_flow.rb:296:5:296:5 | a | string_flow.rb:298:10:298:10 | a |
| string_flow.rb:296:9:296:18 | call to source | string_flow.rb:296:5:296:5 | a |
| string_flow.rb:297:10:297:10 | a | string_flow.rb:297:10:297:17 | call to to_str |
| string_flow.rb:298:10:298:10 | a | string_flow.rb:298:10:298:15 | call to to_s |
| string_flow.rb:302:5:302:5 | a | string_flow.rb:303:10:303:10 | a |
| string_flow.rb:302:5:302:5 | a | string_flow.rb:304:22:304:22 | a |
| string_flow.rb:302:5:302:5 | a | string_flow.rb:305:10:305:10 | a |
| string_flow.rb:302:5:302:5 | a | string_flow.rb:306:23:306:23 | a |
| string_flow.rb:302:5:302:5 | a | string_flow.rb:307:10:307:10 | a |
| string_flow.rb:302:5:302:5 | a | string_flow.rb:308:24:308:24 | a |
| string_flow.rb:302:5:302:5 | a | string_flow.rb:309:10:309:10 | a |
| string_flow.rb:302:5:302:5 | a | string_flow.rb:310:25:310:25 | a |
| string_flow.rb:302:9:302:18 | call to source | string_flow.rb:302:5:302:5 | a |
| string_flow.rb:303:10:303:10 | a | string_flow.rb:303:10:303:23 | call to tr |
| string_flow.rb:304:22:304:22 | a | string_flow.rb:304:10:304:23 | call to tr |
| string_flow.rb:305:10:305:10 | a | string_flow.rb:305:10:305:24 | call to tr! |
| string_flow.rb:306:23:306:23 | a | string_flow.rb:306:10:306:24 | call to tr! |
| string_flow.rb:307:10:307:10 | a | string_flow.rb:307:10:307:25 | call to tr_s |
| string_flow.rb:308:24:308:24 | a | string_flow.rb:308:10:308:25 | call to tr_s |
| string_flow.rb:309:10:309:10 | a | string_flow.rb:309:10:309:26 | call to tr_s! |
| string_flow.rb:310:25:310:25 | a | string_flow.rb:310:10:310:26 | call to tr_s! |
| string_flow.rb:314:5:314:5 | a | string_flow.rb:315:5:315:5 | a |
| string_flow.rb:314:5:314:5 | a | string_flow.rb:316:5:316:5 | a |
| string_flow.rb:314:5:314:5 | a | string_flow.rb:317:14:317:14 | a |
| string_flow.rb:314:9:314:18 | call to source | string_flow.rb:314:5:314:5 | a |
| string_flow.rb:315:5:315:5 | a | string_flow.rb:315:20:315:20 | x |
| string_flow.rb:315:20:315:20 | x | string_flow.rb:315:28:315:28 | x |
| string_flow.rb:316:5:316:5 | a | string_flow.rb:316:26:316:26 | x |
| string_flow.rb:316:26:316:26 | x | string_flow.rb:316:34:316:34 | x |
| string_flow.rb:317:14:317:14 | a | string_flow.rb:317:20:317:20 | x |
| string_flow.rb:317:20:317:20 | x | string_flow.rb:317:28:317:28 | x |
nodes
| string_flow.rb:2:5:2:5 | a | semmle.label | a |
| string_flow.rb:2:5:2:5 | a | semmle.label | a |
| string_flow.rb:2:9:2:18 | call to source | semmle.label | call to source |
| string_flow.rb:2:9:2:18 | call to source | semmle.label | call to source |
| string_flow.rb:3:10:3:22 | call to new | semmle.label | call to new |
| string_flow.rb:3:10:3:22 | call to new | semmle.label | call to new |
| string_flow.rb:3:21:3:21 | a | semmle.label | a |
| string_flow.rb:3:21:3:21 | a | semmle.label | a |
| string_flow.rb:7:5:7:5 | a | semmle.label | a |
| string_flow.rb:7:9:7:18 | call to source | semmle.label | call to source |
| string_flow.rb:8:5:8:5 | b | semmle.label | b |
| string_flow.rb:8:9:8:16 | call to source | semmle.label | call to source |
| string_flow.rb:9:10:9:30 | call to try_convert | semmle.label | call to try_convert |
| string_flow.rb:9:29:9:29 | a | semmle.label | a |
| string_flow.rb:10:10:10:30 | call to try_convert | semmle.label | call to try_convert |
| string_flow.rb:10:29:10:29 | b | semmle.label | b |
| string_flow.rb:14:5:14:5 | a | semmle.label | a |
| string_flow.rb:14:9:14:18 | call to source | semmle.label | call to source |
| string_flow.rb:15:10:15:17 | ... % ... | semmle.label | ... % ... |
| string_flow.rb:15:17:15:17 | a | semmle.label | a |
| string_flow.rb:16:10:16:29 | ... % ... | semmle.label | ... % ... |
| string_flow.rb:16:28:16:28 | a | semmle.label | a |
| string_flow.rb:17:10:17:10 | a | semmle.label | a |
| string_flow.rb:17:10:17:18 | ... % ... | semmle.label | ... % ... |
| string_flow.rb:21:5:21:5 | a | semmle.label | a |
| string_flow.rb:21:9:21:18 | call to source | semmle.label | call to source |
| string_flow.rb:22:5:22:5 | b | semmle.label | b |
| string_flow.rb:23:10:23:10 | b | semmle.label | b |
| string_flow.rb:27:5:27:5 | a | semmle.label | a |
| string_flow.rb:27:9:27:18 | call to source | semmle.label | call to source |
| string_flow.rb:28:5:28:5 | b | semmle.label | b |
| string_flow.rb:29:10:29:10 | b | semmle.label | b |
| string_flow.rb:33:5:33:5 | a | semmle.label | a |
| string_flow.rb:33:9:33:18 | call to source | semmle.label | call to source |
| string_flow.rb:34:5:34:5 | b | semmle.label | b |
| string_flow.rb:35:10:35:10 | b | semmle.label | b |
| string_flow.rb:36:5:36:5 | c | semmle.label | c |
| string_flow.rb:37:10:37:10 | c | semmle.label | c |
| string_flow.rb:41:5:41:5 | a | semmle.label | a |
| string_flow.rb:41:9:41:18 | call to source | semmle.label | call to source |
| string_flow.rb:42:10:42:10 | a | semmle.label | a |
| string_flow.rb:42:10:42:12 | call to b | semmle.label | call to b |
| string_flow.rb:46:5:46:5 | a | semmle.label | a |
| string_flow.rb:46:9:46:18 | call to source | semmle.label | call to source |
| string_flow.rb:47:10:47:10 | a | semmle.label | a |
| string_flow.rb:47:10:47:23 | call to byteslice | semmle.label | call to byteslice |
| string_flow.rb:48:10:48:10 | a | semmle.label | a |
| string_flow.rb:48:10:48:26 | call to byteslice | semmle.label | call to byteslice |
| string_flow.rb:49:10:49:10 | a | semmle.label | a |
| string_flow.rb:49:10:49:26 | call to byteslice | semmle.label | call to byteslice |
| string_flow.rb:53:5:53:5 | a | semmle.label | a |
| string_flow.rb:53:9:53:18 | call to source | semmle.label | call to source |
| string_flow.rb:54:10:54:10 | a | semmle.label | a |
| string_flow.rb:54:10:54:21 | call to capitalize | semmle.label | call to capitalize |
| string_flow.rb:55:10:55:10 | a | semmle.label | a |
| string_flow.rb:55:10:55:22 | call to capitalize! | semmle.label | call to capitalize! |
| string_flow.rb:59:5:59:5 | a | semmle.label | a |
| string_flow.rb:59:9:59:18 | call to source | semmle.label | call to source |
| string_flow.rb:60:10:60:10 | a | semmle.label | a |
| string_flow.rb:60:10:60:21 | call to center | semmle.label | call to center |
| string_flow.rb:61:10:61:28 | call to center | semmle.label | call to center |
| string_flow.rb:61:27:61:27 | a | semmle.label | a |
| string_flow.rb:62:10:62:10 | a | semmle.label | a |
| string_flow.rb:62:10:62:20 | call to ljust | semmle.label | call to ljust |
| string_flow.rb:63:10:63:27 | call to ljust | semmle.label | call to ljust |
| string_flow.rb:63:26:63:26 | a | semmle.label | a |
| string_flow.rb:64:10:64:10 | a | semmle.label | a |
| string_flow.rb:64:10:64:20 | call to rjust | semmle.label | call to rjust |
| string_flow.rb:65:10:65:27 | call to rjust | semmle.label | call to rjust |
| string_flow.rb:65:26:65:26 | a | semmle.label | a |
| string_flow.rb:69:5:69:5 | a | semmle.label | a |
| string_flow.rb:69:9:69:18 | call to source | semmle.label | call to source |
| string_flow.rb:70:10:70:10 | a | semmle.label | a |
| string_flow.rb:70:10:70:16 | call to chomp | semmle.label | call to chomp |
| string_flow.rb:71:10:71:10 | a | semmle.label | a |
| string_flow.rb:71:10:71:17 | call to chomp! | semmle.label | call to chomp! |
| string_flow.rb:75:5:75:5 | a | semmle.label | a |
| string_flow.rb:75:9:75:18 | call to source | semmle.label | call to source |
| string_flow.rb:76:10:76:10 | a | semmle.label | a |
| string_flow.rb:76:10:76:15 | call to chop | semmle.label | call to chop |
| string_flow.rb:77:10:77:10 | a | semmle.label | a |
| string_flow.rb:77:10:77:16 | call to chop! | semmle.label | call to chop! |
| string_flow.rb:83:5:83:5 | a | semmle.label | a |
| string_flow.rb:83:5:83:5 | a | semmle.label | a |
| string_flow.rb:83:9:83:18 | call to source | semmle.label | call to source |
| string_flow.rb:83:9:83:18 | call to source | semmle.label | call to source |
| string_flow.rb:84:5:84:5 | [post] a | semmle.label | [post] a |
| string_flow.rb:84:5:84:5 | [post] a | semmle.label | [post] a |
| string_flow.rb:84:5:84:5 | a | semmle.label | a |
| string_flow.rb:84:5:84:5 | a | semmle.label | a |
| string_flow.rb:85:10:85:10 | a | semmle.label | a |
| string_flow.rb:85:10:85:10 | a | semmle.label | a |
| string_flow.rb:108:5:108:5 | a | semmle.label | a |
| string_flow.rb:108:9:108:18 | call to source | semmle.label | call to source |
| string_flow.rb:109:10:109:10 | [post] a | semmle.label | [post] a |
| string_flow.rb:109:10:109:10 | a | semmle.label | a |
| string_flow.rb:109:10:109:22 | call to delete | semmle.label | call to delete |
| string_flow.rb:110:10:110:10 | a | semmle.label | a |
| string_flow.rb:110:10:110:29 | call to delete_prefix | semmle.label | call to delete_prefix |
| string_flow.rb:111:10:111:10 | a | semmle.label | a |
| string_flow.rb:111:10:111:29 | call to delete_suffix | semmle.label | call to delete_suffix |
| string_flow.rb:115:5:115:5 | a | semmle.label | a |
| string_flow.rb:115:9:115:18 | call to source | semmle.label | call to source |
| string_flow.rb:116:10:116:10 | a | semmle.label | a |
| string_flow.rb:116:10:116:19 | call to downcase | semmle.label | call to downcase |
| string_flow.rb:117:10:117:10 | a | semmle.label | a |
| string_flow.rb:117:10:117:20 | call to downcase! | semmle.label | call to downcase! |
| string_flow.rb:118:10:118:10 | a | semmle.label | a |
| string_flow.rb:118:10:118:19 | call to swapcase | semmle.label | call to swapcase |
| string_flow.rb:119:10:119:10 | a | semmle.label | a |
| string_flow.rb:119:10:119:20 | call to swapcase! | semmle.label | call to swapcase! |
| string_flow.rb:120:10:120:10 | a | semmle.label | a |
| string_flow.rb:120:10:120:17 | call to upcase | semmle.label | call to upcase |
| string_flow.rb:121:10:121:10 | a | semmle.label | a |
| string_flow.rb:121:10:121:18 | call to upcase! | semmle.label | call to upcase! |
| string_flow.rb:125:5:125:5 | a | semmle.label | a |
| string_flow.rb:125:9:125:18 | call to source | semmle.label | call to source |
| string_flow.rb:126:5:126:5 | b | semmle.label | b |
| string_flow.rb:126:9:126:9 | a | semmle.label | a |
| string_flow.rb:126:9:126:14 | call to dump | semmle.label | call to dump |
| string_flow.rb:127:10:127:10 | b | semmle.label | b |
| string_flow.rb:128:10:128:10 | b | semmle.label | b |
| string_flow.rb:128:10:128:17 | call to undump | semmle.label | call to undump |
| string_flow.rb:132:5:132:5 | a | semmle.label | a |
| string_flow.rb:132:9:132:18 | call to source | semmle.label | call to source |
| string_flow.rb:133:5:133:5 | b | semmle.label | b |
| string_flow.rb:133:9:133:9 | a | semmle.label | a |
| string_flow.rb:133:9:133:40 | call to each_line | semmle.label | call to each_line |
| string_flow.rb:133:24:133:27 | line | semmle.label | line |
| string_flow.rb:133:35:133:38 | line | semmle.label | line |
| string_flow.rb:134:10:134:10 | b | semmle.label | b |
| string_flow.rb:135:5:135:5 | c [element] | semmle.label | c [element] |
| string_flow.rb:135:9:135:9 | a | semmle.label | a |
| string_flow.rb:135:9:135:19 | call to each_line [element] | semmle.label | call to each_line [element] |
| string_flow.rb:136:10:136:10 | c [element] | semmle.label | c [element] |
| string_flow.rb:136:10:136:15 | call to to_a [element] | semmle.label | call to to_a [element] |
| string_flow.rb:136:10:136:18 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:140:5:140:5 | a | semmle.label | a |
| string_flow.rb:140:9:140:18 | call to source | semmle.label | call to source |
| string_flow.rb:141:5:141:5 | b | semmle.label | b |
| string_flow.rb:141:9:141:9 | a | semmle.label | a |
| string_flow.rb:141:9:141:36 | call to lines | semmle.label | call to lines |
| string_flow.rb:141:20:141:23 | line | semmle.label | line |
| string_flow.rb:141:31:141:34 | line | semmle.label | line |
| string_flow.rb:142:10:142:10 | b | semmle.label | b |
| string_flow.rb:143:5:143:5 | c [element] | semmle.label | c [element] |
| string_flow.rb:143:9:143:9 | a | semmle.label | a |
| string_flow.rb:143:9:143:15 | call to lines [element] | semmle.label | call to lines [element] |
| string_flow.rb:144:10:144:10 | c [element] | semmle.label | c [element] |
| string_flow.rb:144:10:144:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:148:5:148:5 | a | semmle.label | a |
| string_flow.rb:148:9:148:18 | call to source | semmle.label | call to source |
| string_flow.rb:149:10:149:10 | a | semmle.label | a |
| string_flow.rb:149:10:149:26 | call to encode | semmle.label | call to encode |
| string_flow.rb:150:10:150:10 | a | semmle.label | a |
| string_flow.rb:150:10:150:27 | call to encode! | semmle.label | call to encode! |
| string_flow.rb:151:10:151:10 | a | semmle.label | a |
| string_flow.rb:151:10:151:28 | call to unicode_normalize | semmle.label | call to unicode_normalize |
| string_flow.rb:152:10:152:10 | a | semmle.label | a |
| string_flow.rb:152:10:152:29 | call to unicode_normalize! | semmle.label | call to unicode_normalize! |
| string_flow.rb:156:5:156:5 | a | semmle.label | a |
| string_flow.rb:156:9:156:18 | call to source | semmle.label | call to source |
| string_flow.rb:157:10:157:10 | a | semmle.label | a |
| string_flow.rb:157:10:157:34 | call to force_encoding | semmle.label | call to force_encoding |
| string_flow.rb:161:5:161:5 | a | semmle.label | a |
| string_flow.rb:161:9:161:18 | call to source | semmle.label | call to source |
| string_flow.rb:162:10:162:10 | a | semmle.label | a |
| string_flow.rb:162:10:162:17 | call to freeze | semmle.label | call to freeze |
| string_flow.rb:166:5:166:5 | a | semmle.label | a |
| string_flow.rb:166:9:166:18 | call to source | semmle.label | call to source |
| string_flow.rb:167:5:167:5 | c | semmle.label | c |
| string_flow.rb:167:9:167:18 | call to source | semmle.label | call to source |
| string_flow.rb:168:10:168:10 | a | semmle.label | a |
| string_flow.rb:168:10:168:23 | call to gsub | semmle.label | call to gsub |
| string_flow.rb:168:22:168:22 | c | semmle.label | c |
| string_flow.rb:169:10:169:10 | a | semmle.label | a |
| string_flow.rb:169:10:169:24 | call to gsub! | semmle.label | call to gsub! |
| string_flow.rb:169:23:169:23 | c | semmle.label | c |
| string_flow.rb:170:10:170:10 | a | semmle.label | a |
| string_flow.rb:170:10:170:43 | call to gsub | semmle.label | call to gsub |
| string_flow.rb:170:32:170:41 | call to source | semmle.label | call to source |
| string_flow.rb:171:10:171:10 | a | semmle.label | a |
| string_flow.rb:171:10:171:44 | call to gsub! | semmle.label | call to gsub! |
| string_flow.rb:171:33:171:42 | call to source | semmle.label | call to source |
| string_flow.rb:175:5:175:5 | a | semmle.label | a |
| string_flow.rb:175:9:175:18 | call to source | semmle.label | call to source |
| string_flow.rb:176:5:176:5 | c | semmle.label | c |
| string_flow.rb:176:9:176:18 | call to source | semmle.label | call to source |
| string_flow.rb:177:10:177:10 | a | semmle.label | a |
| string_flow.rb:177:10:177:22 | call to sub | semmle.label | call to sub |
| string_flow.rb:177:21:177:21 | c | semmle.label | c |
| string_flow.rb:178:10:178:10 | a | semmle.label | a |
| string_flow.rb:178:10:178:23 | call to sub! | semmle.label | call to sub! |
| string_flow.rb:178:22:178:22 | c | semmle.label | c |
| string_flow.rb:179:10:179:10 | a | semmle.label | a |
| string_flow.rb:179:10:179:42 | call to sub | semmle.label | call to sub |
| string_flow.rb:179:31:179:40 | call to source | semmle.label | call to source |
| string_flow.rb:180:10:180:10 | a | semmle.label | a |
| string_flow.rb:180:10:180:43 | call to sub! | semmle.label | call to sub! |
| string_flow.rb:180:32:180:41 | call to source | semmle.label | call to source |
| string_flow.rb:191:5:191:5 | a | semmle.label | a |
| string_flow.rb:191:9:191:18 | call to source | semmle.label | call to source |
| string_flow.rb:192:10:192:10 | a | semmle.label | a |
| string_flow.rb:192:10:192:18 | call to inspect | semmle.label | call to inspect |
| string_flow.rb:196:5:196:5 | a | semmle.label | a |
| string_flow.rb:196:9:196:18 | call to source | semmle.label | call to source |
| string_flow.rb:197:10:197:10 | a | semmle.label | a |
| string_flow.rb:197:10:197:16 | call to strip | semmle.label | call to strip |
| string_flow.rb:198:10:198:10 | a | semmle.label | a |
| string_flow.rb:198:10:198:17 | call to strip! | semmle.label | call to strip! |
| string_flow.rb:199:10:199:10 | a | semmle.label | a |
| string_flow.rb:199:10:199:17 | call to lstrip | semmle.label | call to lstrip |
| string_flow.rb:200:10:200:10 | a | semmle.label | a |
| string_flow.rb:200:10:200:18 | call to lstrip! | semmle.label | call to lstrip! |
| string_flow.rb:201:10:201:10 | a | semmle.label | a |
| string_flow.rb:201:10:201:17 | call to rstrip | semmle.label | call to rstrip |
| string_flow.rb:202:10:202:10 | a | semmle.label | a |
| string_flow.rb:202:10:202:18 | call to rstrip! | semmle.label | call to rstrip! |
| string_flow.rb:206:5:206:5 | a | semmle.label | a |
| string_flow.rb:206:9:206:18 | call to source | semmle.label | call to source |
| string_flow.rb:207:10:207:10 | a | semmle.label | a |
| string_flow.rb:207:10:207:15 | call to next | semmle.label | call to next |
| string_flow.rb:208:10:208:10 | a | semmle.label | a |
| string_flow.rb:208:10:208:16 | call to next! | semmle.label | call to next! |
| string_flow.rb:209:10:209:10 | a | semmle.label | a |
| string_flow.rb:209:10:209:15 | call to succ | semmle.label | call to succ |
| string_flow.rb:210:10:210:10 | a | semmle.label | a |
| string_flow.rb:210:10:210:16 | call to succ! | semmle.label | call to succ! |
| string_flow.rb:214:5:214:5 | a | semmle.label | a |
| string_flow.rb:214:9:214:18 | call to source | semmle.label | call to source |
| string_flow.rb:215:5:215:5 | b [element 0] | semmle.label | b [element 0] |
| string_flow.rb:215:5:215:5 | b [element 1] | semmle.label | b [element 1] |
| string_flow.rb:215:5:215:5 | b [element 2] | semmle.label | b [element 2] |
| string_flow.rb:215:9:215:9 | a | semmle.label | a |
| string_flow.rb:215:9:215:24 | call to partition [element 0] | semmle.label | call to partition [element 0] |
| string_flow.rb:215:9:215:24 | call to partition [element 1] | semmle.label | call to partition [element 1] |
| string_flow.rb:215:9:215:24 | call to partition [element 2] | semmle.label | call to partition [element 2] |
| string_flow.rb:216:10:216:10 | b [element 0] | semmle.label | b [element 0] |
| string_flow.rb:216:10:216:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:217:10:217:10 | b [element 1] | semmle.label | b [element 1] |
| string_flow.rb:217:10:217:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:218:10:218:10 | b [element 2] | semmle.label | b [element 2] |
| string_flow.rb:218:10:218:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:223:5:223:5 | a | semmle.label | a |
| string_flow.rb:223:5:223:5 | a | semmle.label | a |
| string_flow.rb:223:9:223:18 | call to source | semmle.label | call to source |
| string_flow.rb:223:9:223:18 | call to source | semmle.label | call to source |
| string_flow.rb:224:5:224:5 | b | semmle.label | b |
| string_flow.rb:224:9:224:18 | call to source | semmle.label | call to source |
| string_flow.rb:225:10:225:10 | [post] a | semmle.label | [post] a |
| string_flow.rb:225:10:225:10 | [post] a | semmle.label | [post] a |
| string_flow.rb:225:10:225:10 | a | semmle.label | a |
| string_flow.rb:225:10:225:10 | a | semmle.label | a |
| string_flow.rb:225:10:225:21 | call to replace | semmle.label | call to replace |
| string_flow.rb:225:20:225:20 | b | semmle.label | b |
| string_flow.rb:227:10:227:10 | a | semmle.label | a |
| string_flow.rb:227:10:227:10 | a | semmle.label | a |
| string_flow.rb:231:5:231:5 | a | semmle.label | a |
| string_flow.rb:231:9:231:18 | call to source | semmle.label | call to source |
| string_flow.rb:232:10:232:10 | a | semmle.label | a |
| string_flow.rb:232:10:232:18 | call to reverse | semmle.label | call to reverse |
| string_flow.rb:236:5:236:5 | a | semmle.label | a |
| string_flow.rb:236:9:236:18 | call to source | semmle.label | call to source |
| string_flow.rb:237:9:237:9 | a | semmle.label | a |
| string_flow.rb:237:24:237:24 | x | semmle.label | x |
| string_flow.rb:237:35:237:35 | x | semmle.label | x |
| string_flow.rb:238:5:238:5 | b | semmle.label | b |
| string_flow.rb:238:9:238:9 | a | semmle.label | a |
| string_flow.rb:238:9:238:37 | call to scan | semmle.label | call to scan |
| string_flow.rb:238:27:238:27 | y | semmle.label | y |
| string_flow.rb:238:35:238:35 | y | semmle.label | y |
| string_flow.rb:239:10:239:10 | b | semmle.label | b |
| string_flow.rb:240:5:240:5 | b [element] | semmle.label | b [element] |
| string_flow.rb:240:9:240:9 | a | semmle.label | a |
| string_flow.rb:240:9:240:19 | call to scan [element] | semmle.label | call to scan [element] |
| string_flow.rb:241:10:241:10 | b [element] | semmle.label | b [element] |
| string_flow.rb:241:10:241:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:242:10:242:10 | b [element] | semmle.label | b [element] |
| string_flow.rb:242:10:242:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:246:5:246:5 | a | semmle.label | a |
| string_flow.rb:246:9:246:18 | call to source | semmle.label | call to source |
| string_flow.rb:247:10:247:10 | a | semmle.label | a |
| string_flow.rb:247:10:247:21 | call to scrub | semmle.label | call to scrub |
| string_flow.rb:248:10:248:21 | call to scrub | semmle.label | call to scrub |
| string_flow.rb:248:20:248:20 | a | semmle.label | a |
| string_flow.rb:249:5:249:5 | a | semmle.label | a |
| string_flow.rb:249:16:249:16 | x | semmle.label | x |
| string_flow.rb:249:24:249:24 | x | semmle.label | x |
| string_flow.rb:250:10:250:28 | call to scrub | semmle.label | call to scrub |
| string_flow.rb:250:26:250:26 | a | semmle.label | a |
| string_flow.rb:252:10:252:10 | a | semmle.label | a |
| string_flow.rb:252:10:252:22 | call to scrub! | semmle.label | call to scrub! |
| string_flow.rb:253:10:253:22 | call to scrub! | semmle.label | call to scrub! |
| string_flow.rb:253:21:253:21 | a | semmle.label | a |
| string_flow.rb:255:5:255:5 | a | semmle.label | a |
| string_flow.rb:255:9:255:18 | call to source | semmle.label | call to source |
| string_flow.rb:256:5:256:5 | a | semmle.label | a |
| string_flow.rb:256:17:256:17 | x | semmle.label | x |
| string_flow.rb:256:25:256:25 | x | semmle.label | x |
| string_flow.rb:258:10:258:29 | call to scrub! | semmle.label | call to scrub! |
| string_flow.rb:258:27:258:27 | a | semmle.label | a |
| string_flow.rb:262:5:262:5 | a | semmle.label | a |
| string_flow.rb:262:9:262:18 | call to source | semmle.label | call to source |
| string_flow.rb:263:10:263:10 | a | semmle.label | a |
| string_flow.rb:263:10:263:22 | call to shellescape | semmle.label | call to shellescape |
| string_flow.rb:267:5:267:5 | a | semmle.label | a |
| string_flow.rb:267:9:267:18 | call to source | semmle.label | call to source |
| string_flow.rb:268:5:268:5 | b [element] | semmle.label | b [element] |
| string_flow.rb:268:9:268:9 | a | semmle.label | a |
| string_flow.rb:268:9:268:20 | call to shellsplit [element] | semmle.label | call to shellsplit [element] |
| string_flow.rb:269:10:269:10 | b [element] | semmle.label | b [element] |
| string_flow.rb:269:10:269:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:273:5:273:5 | a | semmle.label | a |
| string_flow.rb:273:9:273:18 | call to source | semmle.label | call to source |
| string_flow.rb:274:5:274:5 | b | semmle.label | b |
| string_flow.rb:274:9:274:9 | a | semmle.label | a |
| string_flow.rb:274:9:274:18 | call to slice | semmle.label | call to slice |
| string_flow.rb:275:10:275:10 | b | semmle.label | b |
| string_flow.rb:275:10:275:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:277:5:277:5 | b | semmle.label | b |
| string_flow.rb:277:9:277:9 | [post] a | semmle.label | [post] a |
| string_flow.rb:277:9:277:9 | [post] a [element 1] | semmle.label | [post] a [element 1] |
| string_flow.rb:277:9:277:9 | [post] a [element 2] | semmle.label | [post] a [element 2] |
| string_flow.rb:277:9:277:9 | [post] a [element] | semmle.label | [post] a [element] |
| string_flow.rb:277:9:277:9 | a | semmle.label | a |
| string_flow.rb:277:9:277:19 | call to slice! | semmle.label | call to slice! |
| string_flow.rb:278:10:278:10 | b | semmle.label | b |
| string_flow.rb:278:10:278:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:280:5:280:5 | b | semmle.label | b |
| string_flow.rb:280:9:280:9 | a | semmle.label | a |
| string_flow.rb:280:9:280:20 | call to split | semmle.label | call to split |
| string_flow.rb:281:10:281:10 | b | semmle.label | b |
| string_flow.rb:281:10:281:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:283:5:283:5 | b | semmle.label | b |
| string_flow.rb:283:5:283:5 | b [element 0] | semmle.label | b [element 0] |
| string_flow.rb:283:5:283:5 | b [element 1] | semmle.label | b [element 1] |
| string_flow.rb:283:5:283:5 | b [element] | semmle.label | b [element] |
| string_flow.rb:283:9:283:9 | a | semmle.label | a |
| string_flow.rb:283:9:283:9 | a [element 1] | semmle.label | a [element 1] |
| string_flow.rb:283:9:283:9 | a [element 2] | semmle.label | a [element 2] |
| string_flow.rb:283:9:283:9 | a [element] | semmle.label | a [element] |
| string_flow.rb:283:9:283:14 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:283:9:283:14 | ...[...] [element 0] | semmle.label | ...[...] [element 0] |
| string_flow.rb:283:9:283:14 | ...[...] [element 1] | semmle.label | ...[...] [element 1] |
| string_flow.rb:283:9:283:14 | ...[...] [element] | semmle.label | ...[...] [element] |
| string_flow.rb:284:10:284:10 | b | semmle.label | b |
| string_flow.rb:284:10:284:10 | b [element 0] | semmle.label | b [element 0] |
| string_flow.rb:284:10:284:10 | b [element 1] | semmle.label | b [element 1] |
| string_flow.rb:284:10:284:10 | b [element] | semmle.label | b [element] |
| string_flow.rb:284:10:284:13 | ...[...] | semmle.label | ...[...] |
| string_flow.rb:288:5:288:5 | a | semmle.label | a |
| string_flow.rb:288:9:288:18 | call to source | semmle.label | call to source |
| string_flow.rb:289:10:289:10 | a | semmle.label | a |
| string_flow.rb:289:10:289:18 | call to squeeze | semmle.label | call to squeeze |
| string_flow.rb:290:10:290:10 | a | semmle.label | a |
| string_flow.rb:290:10:290:23 | call to squeeze | semmle.label | call to squeeze |
| string_flow.rb:291:10:291:10 | a | semmle.label | a |
| string_flow.rb:291:10:291:19 | call to squeeze! | semmle.label | call to squeeze! |
| string_flow.rb:292:10:292:10 | a | semmle.label | a |
| string_flow.rb:292:10:292:24 | call to squeeze! | semmle.label | call to squeeze! |
| string_flow.rb:296:5:296:5 | a | semmle.label | a |
| string_flow.rb:296:9:296:18 | call to source | semmle.label | call to source |
| string_flow.rb:297:10:297:10 | a | semmle.label | a |
| string_flow.rb:297:10:297:17 | call to to_str | semmle.label | call to to_str |
| string_flow.rb:298:10:298:10 | a | semmle.label | a |
| string_flow.rb:298:10:298:15 | call to to_s | semmle.label | call to to_s |
| string_flow.rb:302:5:302:5 | a | semmle.label | a |
| string_flow.rb:302:9:302:18 | call to source | semmle.label | call to source |
| string_flow.rb:303:10:303:10 | a | semmle.label | a |
| string_flow.rb:303:10:303:23 | call to tr | semmle.label | call to tr |
| string_flow.rb:304:10:304:23 | call to tr | semmle.label | call to tr |
| string_flow.rb:304:22:304:22 | a | semmle.label | a |
| string_flow.rb:305:10:305:10 | a | semmle.label | a |
| string_flow.rb:305:10:305:24 | call to tr! | semmle.label | call to tr! |
| string_flow.rb:306:10:306:24 | call to tr! | semmle.label | call to tr! |
| string_flow.rb:306:23:306:23 | a | semmle.label | a |
| string_flow.rb:307:10:307:10 | a | semmle.label | a |
| string_flow.rb:307:10:307:25 | call to tr_s | semmle.label | call to tr_s |
| string_flow.rb:308:10:308:25 | call to tr_s | semmle.label | call to tr_s |
| string_flow.rb:308:24:308:24 | a | semmle.label | a |
| string_flow.rb:309:10:309:10 | a | semmle.label | a |
| string_flow.rb:309:10:309:26 | call to tr_s! | semmle.label | call to tr_s! |
| string_flow.rb:310:10:310:26 | call to tr_s! | semmle.label | call to tr_s! |
| string_flow.rb:310:25:310:25 | a | semmle.label | a |
| string_flow.rb:314:5:314:5 | a | semmle.label | a |
| string_flow.rb:314:9:314:18 | call to source | semmle.label | call to source |
| string_flow.rb:315:5:315:5 | a | semmle.label | a |
| string_flow.rb:315:20:315:20 | x | semmle.label | x |
| string_flow.rb:315:28:315:28 | x | semmle.label | x |
| string_flow.rb:316:5:316:5 | a | semmle.label | a |
| string_flow.rb:316:26:316:26 | x | semmle.label | x |
| string_flow.rb:316:34:316:34 | x | semmle.label | x |
| string_flow.rb:317:14:317:14 | a | semmle.label | a |
| string_flow.rb:317:20:317:20 | x | semmle.label | x |
| string_flow.rb:317:28:317:28 | x | semmle.label | x |
subpaths
#select
| string_flow.rb:3:10:3:22 | call to new | string_flow.rb:2:9:2:18 | call to source | string_flow.rb:3:10:3:22 | call to new | $@ | string_flow.rb:2:9:2:18 | call to source | call to source |


@@ -5,7 +5,7 @@
import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import DefaultFlowTest
import PathGraph
import ValueFlow::PathGraph
from ValueFlow::PathNode source, ValueFlow::PathNode sink
where ValueFlow::flowPath(source, sink)


@@ -1,4 +1,3 @@
failures
testFailures
edges
| summaries.rb:1:1:1:7 | tainted | summaries.rb:2:6:2:12 | tainted |


@@ -1,4 +1,3 @@
failures
testFailures
| filter_flow.rb:21:10:21:13 | @foo | Unexpected result: hasTaintFlow= |
| filter_flow.rb:38:10:38:13 | @foo | Unexpected result: hasTaintFlow= |


@@ -4,7 +4,7 @@
import ruby
import TestUtilities.InlineFlowTest
import PathGraph
import TaintFlow::PathGraph
import codeql.ruby.frameworks.Rails
module ParamsTaintFlowConfig implements DataFlow::ConfigSig {


@@ -1,4 +1,3 @@
failures
testFailures
edges
| mailer.rb:3:10:3:15 | call to params | mailer.rb:3:10:3:21 | ...[...] |


@@ -4,7 +4,7 @@
import ruby
import TestUtilities.InlineFlowTest
import PathGraph
import TaintFlow::PathGraph
import codeql.ruby.frameworks.Rails
module ParamsTaintFlowConfig implements DataFlow::ConfigSig {


@@ -6,7 +6,7 @@ import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import codeql.ruby.Frameworks
import DefaultFlowTest
import PathGraph
import ValueFlow::PathGraph
from ValueFlow::PathNode source, ValueFlow::PathNode sink
where ValueFlow::flowPath(source, sink)


@@ -1,4 +1,13 @@
failures
testFailures
edges
| arel.rb:2:3:2:3 | x | arel.rb:3:17:3:17 | x |
| arel.rb:2:7:2:14 | call to source | arel.rb:2:3:2:3 | x |
| arel.rb:3:17:3:17 | x | arel.rb:3:8:3:18 | call to sql |
nodes
| arel.rb:2:3:2:3 | x | semmle.label | x |
| arel.rb:2:7:2:14 | call to source | semmle.label | call to source |
| arel.rb:3:8:3:18 | call to sql | semmle.label | call to sql |
| arel.rb:3:17:3:17 | x | semmle.label | x |
subpaths
#select
| arel.rb:3:8:3:18 | call to sql | arel.rb:2:7:2:14 | call to source | arel.rb:3:8:3:18 | call to sql | $@ | arel.rb:2:7:2:14 | call to source | call to source |


@@ -6,6 +6,7 @@ import codeql.ruby.frameworks.Arel
import codeql.ruby.AST
import TestUtilities.InlineFlowTest
import DefaultFlowTest
import TaintFlow::PathGraph
from TaintFlow::PathNode source, TaintFlow::PathNode sink
where TaintFlow::flowPath(source, sink)


@@ -1,4 +1,3 @@
failures
testFailures
edges
| json.rb:1:17:1:26 | call to source | json.rb:1:6:1:27 | call to parse |


@@ -1,4 +1,3 @@
failures
testFailures
| views/index.erb:2:10:2:12 | call to foo | Unexpected result: hasTaintFlow= |
edges
@@ -7,19 +6,12 @@ edges
| app.rb:75:12:75:24 | ...[...] | app.rb:75:5:75:8 | [post] self [@foo] |
| app.rb:76:32:76:35 | @foo | views/index.erb:2:10:2:12 | call to foo |
| app.rb:76:32:76:35 | self [@foo] | app.rb:76:32:76:35 | @foo |
| app.rb:95:10:95:14 | self [@user] | app.rb:95:10:95:14 | @user |
| app.rb:103:5:103:9 | [post] self [@user] | app.rb:95:10:95:14 | self [@user] |
| app.rb:103:13:103:22 | call to source | app.rb:103:5:103:9 | [post] self [@user] |
nodes
| app.rb:75:5:75:8 | [post] self [@foo] | semmle.label | [post] self [@foo] |
| app.rb:75:12:75:17 | call to params | semmle.label | call to params |
| app.rb:75:12:75:24 | ...[...] | semmle.label | ...[...] |
| app.rb:76:32:76:35 | @foo | semmle.label | @foo |
| app.rb:76:32:76:35 | self [@foo] | semmle.label | self [@foo] |
| app.rb:95:10:95:14 | @user | semmle.label | @user |
| app.rb:95:10:95:14 | self [@user] | semmle.label | self [@user] |
| app.rb:103:5:103:9 | [post] self [@user] | semmle.label | [post] self [@user] |
| app.rb:103:13:103:22 | call to source | semmle.label | call to source |
| views/index.erb:2:10:2:12 | call to foo | semmle.label | call to foo |
subpaths
#select


@@ -4,7 +4,7 @@
import ruby
import TestUtilities.InlineFlowTest
import PathGraph
import TaintFlow::PathGraph
import codeql.ruby.frameworks.Sinatra
import codeql.ruby.Concepts


@@ -0,0 +1,20 @@
edges
| ImproperLdapAuth.rb:5:5:5:8 | pass | ImproperLdapAuth.rb:15:23:15:26 | pass |
| ImproperLdapAuth.rb:5:12:5:17 | call to params | ImproperLdapAuth.rb:5:12:5:24 | ...[...] |
| ImproperLdapAuth.rb:5:12:5:24 | ...[...] | ImproperLdapAuth.rb:5:5:5:8 | pass |
| ImproperLdapAuth.rb:24:5:24:8 | pass | ImproperLdapAuth.rb:31:24:31:27 | pass |
| ImproperLdapAuth.rb:24:12:24:17 | call to params | ImproperLdapAuth.rb:24:12:24:24 | ...[...] |
| ImproperLdapAuth.rb:24:12:24:24 | ...[...] | ImproperLdapAuth.rb:24:5:24:8 | pass |
nodes
| ImproperLdapAuth.rb:5:5:5:8 | pass | semmle.label | pass |
| ImproperLdapAuth.rb:5:12:5:17 | call to params | semmle.label | call to params |
| ImproperLdapAuth.rb:5:12:5:24 | ...[...] | semmle.label | ...[...] |
| ImproperLdapAuth.rb:15:23:15:26 | pass | semmle.label | pass |
| ImproperLdapAuth.rb:24:5:24:8 | pass | semmle.label | pass |
| ImproperLdapAuth.rb:24:12:24:17 | call to params | semmle.label | call to params |
| ImproperLdapAuth.rb:24:12:24:24 | ...[...] | semmle.label | ...[...] |
| ImproperLdapAuth.rb:31:24:31:27 | pass | semmle.label | pass |
subpaths
#select
| ImproperLdapAuth.rb:15:23:15:26 | pass | ImproperLdapAuth.rb:5:12:5:17 | call to params | ImproperLdapAuth.rb:15:23:15:26 | pass | This LDAP authencation depends on a $@. | ImproperLdapAuth.rb:5:12:5:17 | call to params | user-provided value |
| ImproperLdapAuth.rb:31:24:31:27 | pass | ImproperLdapAuth.rb:24:12:24:17 | call to params | ImproperLdapAuth.rb:31:24:31:27 | pass | This LDAP authencation depends on a $@. | ImproperLdapAuth.rb:24:12:24:17 | call to params | user-provided value |


@@ -0,0 +1 @@
experimental/ldap-improper-auth/ImproperLdapAuth.ql


@@ -0,0 +1,59 @@
class FooController < ActionController::Base
def some_request_handler
# A string tainted by user input is used directly as password
# (i.e a remote flow source)
pass = params[:pass]
# BAD: user input is not sanitized
ldap = Net::LDAP.new(
host: 'ldap.example.com',
port: 636,
encryption: :simple_tls,
auth: {
method: :simple,
username: 'uid=admin,dc=example,dc=com',
password: pass
}
)
ldap.bind
end
def some_request_handler
# A string tainted by user input is used directly as password
# (i.e a remote flow source)
pass = params[:pass]
# BAD: user input is not sanitized
ldap = Net::LDAP.new
ldap.host = your_server_ip_address
ldap.encryption(:method => :simple_tls)
ldap.port = 639
ldap.auth "admin", pass
ldap.bind
end
end
class BarController < ApplicationController
def safe_paths
pass = params[:pass]
# GOOD: barrier guard prevents taint flow
if password.nil? || password.empty?
# protect against passwordless auth from ldap server
pass = "$uper$secure123"
else
pass
end
ldap = Net::LDAP.new(
host: 'ldap.example.com',
port: 636,
encryption: :simple_tls,
auth: {
method: :simple,
username: 'uid=admin,dc=example,dc=com',
password: pass
}
)
end
end
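Review bot: In `safe_paths` the guard tests `password.nil? || password.empty?`, but the method only ever assigns `pass`, so the check as written never examines the value read from `params[:pass]`; it should be `if pass.nil? || pass.empty?`. The `else` branch is a bare `pass` whose value is discarded, and the GOOD case never calls `ldap.bind`, so it does not mirror the two BAD handlers it is meant to contrast with. Substituting the literal `"$uper$secure123"` for an empty password also models the mitigation with a hard-coded credential; rejecting the request when the password is blank would be a cleaner safe example. Both methods in `FooController` are named `some_request_handler`, so the second definition replaces the first when the file is loaded, and distinct names would keep both cases live. The `# BAD: user input is not sanitized` comments would read more accurately as `# BAD: a blank password is passed to the bind unchecked`, which is the condition the safe case's own comment says it protects against.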


@@ -4,7 +4,7 @@
| tst.rb:19:43:19:62 | (?:[^'\\\\]\|\\\\\\\\\|\\\\.)+ | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\\\\\\\\'. |
| tst.rb:19:67:19:86 | (?:[^)\\\\]\|\\\\\\\\\|\\\\.)+ | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\\\\\\\\'. |
| tst.rb:31:50:31:51 | .* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\|\|\\n'. |
| tst.rb:36:19:36:28 | (\\\\\\/\|.)*? | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\\\\/'. |
| tst.rb:36:19:36:28 | (\\\\\\/\|.)*? | This part of the regular expression may cause exponential backtracking on strings starting with '/' and containing many repetitions of '\\\\/'. |
| tst.rb:41:23:41:24 | .* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '#'. |
| tst.rb:47:27:47:29 | .*? | This part of the regular expression may cause exponential backtracking on strings starting with '"' and containing many repetitions of '""'. |
| tst.rb:47:33:47:35 | .*? | This part of the regular expression may cause exponential backtracking on strings starting with ''' and containing many repetitions of ''''. |