hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Add File.open as a FileSystemAccess

Browse Source
This commit is contained in:
Harry Maclean
2022-01-20 17:50:00 +13:00
parent 70f4efb834
commit 5dcee6ba27
4 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ruby/ql/lib/codeql/ruby/frameworks/Files.qll
View File

@@ -212,6 +212,15 @@ module File {
FileInstance() { this = fileInstance() }
}
/**
* A call to `File.open`, considered as a `FileSystemAccess`.
*/
class FileOpen extends DataFlow::CallNode, FileSystemAccess::Range {
FileOpen() { this = API::getTopLevelMember("File").getAMethodCall("open") }
override DataFlow::Node getAPathArgument() { result = this.getArgument(0) }
}
/**
* A read using the `File` module, e.g. the `f.read` call in
*

9
ruby/ql/test/library-tests/frameworks/files/Files.expected
View File

@@ -13,6 +13,8 @@ fileInstances
| Files.rb:23:19:23:33 | call to open |
| Files.rb:24:1:24:40 | ... = ... |
| Files.rb:24:19:24:40 | call to open |
| Files.rb:37:1:37:33 | ... = ... |
| Files.rb:37:14:37:33 | call to open |
ioInstances
| Files.rb:2:1:2:30 | ... = ... |
| Files.rb:2:1:2:30 | ... = ... |
@@ -36,6 +38,8 @@ ioInstances
| Files.rb:24:19:24:40 | call to open |
| Files.rb:35:1:35:56 | ... = ... |
| Files.rb:35:13:35:56 | call to open |
| Files.rb:37:1:37:33 | ... = ... |
| Files.rb:37:14:37:33 | call to open |
fileModuleReaders
| Files.rb:7:13:7:32 | call to readlines |
ioReaders
@@ -55,6 +59,11 @@ fileSystemReadAccesses
| Files.rb:7:13:7:32 | call to readlines |
| Files.rb:20:13:20:25 | call to read |
| Files.rb:29:12:29:29 | call to read |
fileSystemAccesses
| Files.rb:7:13:7:32 | call to readlines |
| Files.rb:20:13:20:25 | call to read |
| Files.rb:29:12:29:29 | call to read |
| Files.rb:37:14:37:33 | call to open |
fileNameSources
| Files.rb:10:6:10:18 | call to path |
| Files.rb:11:6:11:21 | call to to_path |

2
ruby/ql/test/library-tests/frameworks/files/Files.ql
View File

@@ -18,4 +18,6 @@ query predicate fileUtilsFilenameSources(FileUtils::FileUtilsFilenameSource s) {
query predicate fileSystemReadAccesses(FileSystemReadAccess a) { any() }
query predicate fileSystemAccesses(FileSystemAccess a) { any() }
query predicate fileNameSources(FileNameSource s) { any() }

2
ruby/ql/test/library-tests/frameworks/files/Files.rb
View File

@@ -33,3 +33,5 @@ date = IO.read("|date")
# `rand_open` is an `IO` instance
rand_open = IO.open(IO.sysopen("/dev/random", "r"), "r")
foo_file_3 = File.open("foo.txt")