Ruby: Inline expectation should have space after $

This was a regex-find-replace from `# \$(?! )` (using a negative lookahead) to `# $ `.
Owen Mansel-Chan
2026-03-04 11:42:15 +00:00
parent 5a97348e78
commit 6001c735ff
12 changed files with 193 additions and 193 deletions


@@ -1,10 +1,10 @@
class MyController < ActionController::Base
def m1
sink params[:a] # $hasTaintFlow
sink params[:a] # $ hasTaintFlow
end
def m2
sink params.as_json # $hasTaintFlow
sink params.as_json # $ hasTaintFlow
end
def m2
@@ -12,186 +12,186 @@ class MyController < ActionController::Base
end
def m3
sink params.permit(:some_key) # $hasTaintFlow
sink params.permit(:some_key) # $ hasTaintFlow
end
def m4
sink params.require(:some_key) # $hasTaintFlow
sink params.require(:some_key) # $ hasTaintFlow
end
def m5
sink params.required(:some_key) # $hasTaintFlow
sink params.required(:some_key) # $ hasTaintFlow
end
def m6
sink params.deep_dup # $hasTaintFlow
sink params.deep_dup # $ hasTaintFlow
end
def m7
sink params.deep_transform_keys(&:upcase) # $hasTaintFlow
sink params.deep_transform_keys(&:upcase) # $ hasTaintFlow
end
def m8
sink params.deep_transform_keys!(&:upcase) # $hasTaintFlow
sink params.deep_transform_keys!(&:upcase) # $ hasTaintFlow
end
def m9
sink params.delete_if { |v| v.match? regex } # $hasTaintFlow
sink params.delete_if { |v| v.match? regex } # $ hasTaintFlow
end
def m10
sink params.extract!(:a, :b) # $hasTaintFlow
sink params.extract!(:a, :b) # $ hasTaintFlow
end
def m11
sink params.keep_if { |v| v.match? regex } # $hasTaintFlow
sink params.keep_if { |v| v.match? regex } # $ hasTaintFlow
end
def m12
sink params.select { |v| v.match? regex } # $hasTaintFlow
sink params.select { |v| v.match? regex } # $ hasTaintFlow
end
def m13
sink params.select! { |v| v.match? regex } # $hasTaintFlow
sink params.select! { |v| v.match? regex } # $ hasTaintFlow
end
def m14
sink params.reject { |v| v.match? regex } # $hasTaintFlow
sink params.reject { |v| v.match? regex } # $ hasTaintFlow
end
def m15
sink params.reject! { |v| v.match? regex } # $hasTaintFlow
sink params.reject! { |v| v.match? regex } # $ hasTaintFlow
end
def m16
sink params.to_h # $hasTaintFlow
sink params.to_h # $ hasTaintFlow
end
def m17
sink params.to_hash # $hasTaintFlow
sink params.to_hash # $ hasTaintFlow
end
def m18
sink params.to_query # $hasTaintFlow
sink params.to_query # $ hasTaintFlow
end
def m19
sink params.to_param # $hasTaintFlow
sink params.to_param # $ hasTaintFlow
end
def m20
sink params.to_unsafe_h # $hasTaintFlow
sink params.to_unsafe_h # $ hasTaintFlow
end
def m21
sink params.to_unsafe_hash # $hasTaintFlow
sink params.to_unsafe_hash # $ hasTaintFlow
end
def m22
sink params.transform_keys(&:upcase) # $hasTaintFlow
sink params.transform_keys(&:upcase) # $ hasTaintFlow
end
def m23
sink params.transform_keys!(&:upcase) # $hasTaintFlow
sink params.transform_keys!(&:upcase) # $ hasTaintFlow
end
def m24
sink params.transform_values(&:upcase) # $hasTaintFlow
sink params.transform_values(&:upcase) # $ hasTaintFlow
end
def m25
sink params.transform_values!(&:upcase) # $hasTaintFlow
sink params.transform_values!(&:upcase) # $ hasTaintFlow
end
def m26
sink params.values_at(:a, :b) # $hasTaintFlow
sink params.values_at(:a, :b) # $ hasTaintFlow
end
def m27
sink params.merge({a: 1}) # $hasTaintFlow
sink {a: 1}.merge(params) # $hasTaintFlow
sink params.merge({a: 1}) # $ hasTaintFlow
sink {a: 1}.merge(params) # $ hasTaintFlow
end
def m28
sink params.reverse_merge({a: 1}) # $hasTaintFlow
sink {a: 1}.reverse_merge(params) # $hasTaintFlow
sink params.reverse_merge({a: 1}) # $ hasTaintFlow
sink {a: 1}.reverse_merge(params) # $ hasTaintFlow
end
def m29
sink params.with_defaults({a: 1, b: 2}) # $hasTaintFlow
sink {a: 1}.with_defaults(params) # $hasTaintFlow
sink params.with_defaults({a: 1, b: 2}) # $ hasTaintFlow
sink {a: 1}.with_defaults(params) # $ hasTaintFlow
end
def m30
sink params.merge!({a: 1}) # $hasTaintFlow
sink {a: 1}.merge!(params) # $hasTaintFlow
sink params.merge!({a: 1}) # $ hasTaintFlow
sink {a: 1}.merge!(params) # $ hasTaintFlow
p = {a: 1}
p.merge!(params)
sink p # $hasTaintFlow
sink p # $ hasTaintFlow
end
def m31
sink params.reverse_merge!({a: 1}) # $hasTaintFlow
sink {a: 1}.reverse_merge!(params) # $hasTaintFlow
sink params.reverse_merge!({a: 1}) # $ hasTaintFlow
sink {a: 1}.reverse_merge!(params) # $ hasTaintFlow
p = {a: 1}
p.reverse_merge!(params)
sink p # $hasTaintFlow
sink p # $ hasTaintFlow
end
def m32
sink params.with_defaults!({a: 1, b: 2}) # $hasTaintFlow
sink {a: 1}.with_defaults!(params) # $hasTaintFlow
sink params.with_defaults!({a: 1, b: 2}) # $ hasTaintFlow
sink {a: 1}.with_defaults!(params) # $ hasTaintFlow
p = {a: 1}
p.with_defaults!(params)
sink p # $hasTaintFlow
sink p # $ hasTaintFlow
end
def m33
sink params.reverse_update({a: 1, b: 2}) # $hasTaintFlow
sink {a: 1}.reverse_update(params) # $hasTaintFlow
sink params.reverse_update({a: 1, b: 2}) # $ hasTaintFlow
sink {a: 1}.reverse_update(params) # $ hasTaintFlow
p = {a: 1}
p.reverse_update(params)
sink p # $hasTaintFlow
sink p # $ hasTaintFlow
end
include Mixin
end
module Mixin
def m34
sink params[:x] # $hasTaintFlow
sink params[:x] # $ hasTaintFlow
end
end
class Subclass < MyController
def m35
sink params[:x] # $hasTaintFlow
sink params[:x] # $ hasTaintFlow
end
rescue_from 'Foo::Bar' do |err|
sink params[:x] # $hasTaintFlow
sink params[:x] # $ hasTaintFlow
end
end
class UploadedFileTests < MyController
def m36
sink params[:file].original_filename # $hasTaintFlow
sink params[:file].original_filename # $ hasTaintFlow
end
def m37
sink params.require(:file).content_type # $hasTaintFlow
sink params.require(:file).content_type # $ hasTaintFlow
end
def m38
sink params.permit(:file)[:file].headers # $hasTaintFlow
sink params.permit(:file)[:file].headers # $ hasTaintFlow
end
def m39
sink params[:a].to_unsafe_h[:b][:file].read # $hasTaintFlow
sink params[:a].to_unsafe_h[:b][:file].read # $ hasTaintFlow
end
def m40(a)
@@ -204,4 +204,4 @@ class UploadedFileTests < MyController
params[:file].read(nil,a)
sink a # $ hasTaintFlow
end
end
end


@@ -1,5 +1,5 @@
class MyMailer < ActionMailer::Base
def foo
sink params[:foo] # $hasTaintFlow
sink params[:foo] # $ hasTaintFlow
end
end


@@ -8,196 +8,196 @@ ActiveSupport::TaggedLogging.new(STDOUT)
def m_at
x = source "a"
sink x.at(1..3) # $hasTaintFlow=a
sink x.at(1..3) # $ hasTaintFlow=a
end
def m_camelize
x = source "a"
sink x.camelize # $hasTaintFlow=a
sink x.camelize # $ hasTaintFlow=a
end
def m_camelcase
x = source "a"
sink x.camelcase # $hasTaintFlow=a
sink x.camelcase # $ hasTaintFlow=a
end
def m_classify
x = source "a"
sink x.classify # $hasTaintFlow=a
sink x.classify # $ hasTaintFlow=a
end
def m_dasherize
x = source "a"
sink x.dasherize # $hasTaintFlow=a
sink x.dasherize # $ hasTaintFlow=a
end
def m_deconstantize
x = source "a"
sink x.deconstantize # $hasTaintFlow=a
sink x.deconstantize # $ hasTaintFlow=a
end
def m_demodulize
x = source "a"
sink x.demodulize # $hasTaintFlow=a
sink x.demodulize # $ hasTaintFlow=a
end
def first
x = source "a"
sink x.first(3) # $hasTaintFlow=a
sink x.first(3) # $ hasTaintFlow=a
end
def m_foreign_key
x = source "a"
sink x.foreign_key # $hasTaintFlow=a
sink x.foreign_key # $ hasTaintFlow=a
end
def m_from
x = source "a"
sink x.from(3) # $hasTaintFlow=a
sink x.from(3) # $ hasTaintFlow=a
end
def m_html_safe
x = source "a"
sink x.html_safe # $hasTaintFlow=a
sink x.html_safe # $ hasTaintFlow=a
end
def m_humanize
x = source "a"
sink x.humanize # $hasTaintFlow=a
sink x.humanize # $ hasTaintFlow=a
end
def m_indent
x = source "a"
sink x.indent(1) # $hasTaintFlow=a
sink x.indent(1) # $ hasTaintFlow=a
end
def m_indent!
x = source "a"
sink x.indent!(1) # $hasTaintFlow=a
sink x.indent!(1) # $ hasTaintFlow=a
end
def m_inquiry
x = source "a"
sink x.inquiry # $hasTaintFlow=a
sink x.inquiry # $ hasTaintFlow=a
end
def m_last
x = source "a"
sink x.last(1) # $hasTaintFlow=a
sink x.last(1) # $ hasTaintFlow=a
end
def m_mb_chars
x = source "a"
sink x.mb_chars # $hasTaintFlow=a
sink x.mb_chars # $ hasTaintFlow=a
end
def m_parameterize
x = source "a"
sink x.parameterize # $hasTaintFlow=a
sink x.parameterize # $ hasTaintFlow=a
end
def m_pluralize
x = source "a"
sink x.pluralize # $hasTaintFlow=a
sink x.pluralize # $ hasTaintFlow=a
end
def m_remove
x = source "a"
sink x.remove("foo") # $hasTaintFlow=a
sink x.remove("foo") # $ hasTaintFlow=a
end
def m_remove!
x = source "a"
sink x.remove!("foo") # $hasTaintFlow=a
sink x.remove!("foo") # $ hasTaintFlow=a
end
def m_singularize
x = source "a"
sink x.singularize # $hasTaintFlow=a
sink x.singularize # $ hasTaintFlow=a
end
def m_squish
x = source "a"
sink x.squish # $hasTaintFlow=a
sink x.squish # $ hasTaintFlow=a
end
def m_squish!
x = source "a"
sink x.squish! # $hasTaintFlow=a
sink x.squish! # $ hasTaintFlow=a
end
def m_strip_heredoc
x = source "a"
sink x.strip_heredoc # $hasTaintFlow=a
sink x.strip_heredoc # $ hasTaintFlow=a
end
def m_tableize
x = source "a"
sink x.tableize # $hasTaintFlow=a
sink x.tableize # $ hasTaintFlow=a
end
def m_titlecase
x = source "a"
sink x.titlecase # $hasTaintFlow=a
sink x.titlecase # $ hasTaintFlow=a
end
def m_titleize
x = source "a"
sink x.titleize # $hasTaintFlow=a
sink x.titleize # $ hasTaintFlow=a
end
def m_to
x = source "a"
sink x.to(3) # $hasTaintFlow=a
sink x.to(3) # $ hasTaintFlow=a
end
def m_truncate
x = source "a"
sink x.truncate(3) # $hasTaintFlow=a
sink x.truncate(3) # $ hasTaintFlow=a
end
def m_truncate_bytes
x = source "a"
sink x.truncate_bytes(3) # $hasTaintFlow=a
sink x.truncate_bytes(3) # $ hasTaintFlow=a
end
def m_truncate_words
x = source "a"
sink x.truncate_words(3) # $hasTaintFlow=a
sink x.truncate_words(3) # $ hasTaintFlow=a
end
def m_underscore
x = source "a"
sink x.underscore # $hasTaintFlow=a
sink x.underscore # $ hasTaintFlow=a
end
def m_upcase_first
x = source "a"
sink x.upcase_first # $hasTaintFlow=a
sink x.upcase_first # $ hasTaintFlow=a
end
def m_compact_blank
x = [source 1]
y = x.compact_blank
sink y[0] # $hasValueFlow=1
sink y[0] # $ hasValueFlow=1
end
def m_excluding
x = [source(1), 2]
y = x.excluding 2
sink y[0] # $hasValueFlow=1
sink y[0] # $ hasValueFlow=1
end
def m_without
x = [source(1), 2]
y = x.without 2
sink y[0] # $hasValueFlow=1
sink y[0] # $ hasValueFlow=1
end
def m_in_order_of
x = [source(1), 2]
y = x.in_order_of(:itself, [2,1])
sink y[0] # $hasValueFlow=1
sink y[0] # $ hasValueFlow=1
end
def m_including
@@ -214,21 +214,21 @@ end
def m_safe_buffer_new
x = source "a"
y = ActionView::SafeBuffer.new(x)
sink y # $hasTaintFlow=a
sink y # $ hasTaintFlow=a
end
def m_safe_buffer_safe_concat_retval
x = ActionView::SafeBuffer.new("a")
b = source "b"
y = x.safe_concat(b)
sink y # $hasTaintFlow=b
sink y # $ hasTaintFlow=b
end
def m_safe_buffer_safe_concat_self
x = ActionView::SafeBuffer.new("a")
b = source "b"
x.safe_concat(b)
sink x # $hasTaintFlow=b
sink x # $ hasTaintFlow=b
end
def m_safe_buffer_concat
@@ -236,7 +236,7 @@ def m_safe_buffer_concat
b = source "b"
x = ActionView::SafeBuffer.new(a)
y = x.concat(b)
sink y # $hasTaintFlow=a
sink y # $ hasTaintFlow=a
end
def m_safe_buffer_insert
@@ -244,7 +244,7 @@ def m_safe_buffer_insert
b = source "b"
x = ActionView::SafeBuffer.new(a)
y = x.insert(i, b)
sink y # $hasTaintFlow=a $hasTaintFlow=b
sink y # $ hasTaintFlow=a $hasTaintFlow=b
end
def m_safe_buffer_prepend
@@ -252,43 +252,43 @@ def m_safe_buffer_prepend
b = source "b"
x = ActionView::SafeBuffer.new(a)
y = x.prepend(b)
sink y # $hasTaintFlow=a
sink y # $ hasTaintFlow=a
end
def m_safe_buffer_to_s
a = source "a"
x = ActionView::SafeBuffer.new(a)
y = x.to_s
sink y # $hasTaintFlow=a
sink y # $ hasTaintFlow=a
end
def m_safe_buffer_to_param
a = source "a"
x = ActionView::SafeBuffer.new(a)
y = x.to_param
sink y # $hasTaintFlow=a
sink y # $ hasTaintFlow=a
end
def m_pathname_existence
a = source "a"
x = Pathname.new(a)
y = x.existence
sink y # $hasTaintFlow=a
sink y # $ hasTaintFlow=a
z = y.existence
sink z # $hasTaintFlow=a
sink z # $ hasTaintFlow=a
end
def m_presence
x = source "a"
sink x.presence # $hasValueFlow=a
sink x.presence # $ hasValueFlow=a
y = source 123
sink y.presence # $hasValueFlow=123
sink y.presence # $ hasValueFlow=123
end
def m_deep_dup
x = source "a"
sink x.deep_dup # $hasValueFlow=a
sink x.deep_dup # $ hasValueFlow=a
end
def m_try(method)
@@ -302,32 +302,32 @@ end
def m_json_escape
a = source "a"
b = json_escape a
sink b # $hasTaintFlow=a
sink b # $ hasTaintFlow=a
end
def m_json_encode
x = source "a"
sink ActiveSupport::JSON.encode(x) # $hasTaintFlow=a
sink ActiveSupport::JSON.encode(x) # $ hasTaintFlow=a
end
def m_json_decode
x = source "a"
sink ActiveSupport::JSON.decode(x) # $hasTaintFlow=a
sink ActiveSupport::JSON.decode(x) # $ hasTaintFlow=a
end
def m_json_dump
x = source "a"
sink ActiveSupport::JSON.dump(x) # $hasTaintFlow=a
sink ActiveSupport::JSON.dump(x) # $ hasTaintFlow=a
end
def m_json_load
x = source "a"
sink ActiveSupport::JSON.load(x) # $hasTaintFlow=a
sink ActiveSupport::JSON.load(x) # $ hasTaintFlow=a
end
def m_to_json
x = source "a"
y = [x]
sink x.to_json # $hasTaintFlow=a
sink y.to_json # $hasTaintFlow=a
sink x.to_json # $ hasTaintFlow=a
sink y.to_json # $ hasTaintFlow=a
end
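Review bot: In `m_safe_buffer_insert` the rewritten line still carries a second, unspaced marker, `sink y # $ hasTaintFlow=a $hasTaintFlow=b`, because the search pattern `# \$(?! )` only matches a `$` that directly follows `# `. For one consistent expectation syntax this line should probably read `sink y # $ hasTaintFlow=a hasTaintFlow=b`; how the expectation parser treats the embedded `$` is not visible on this page, so confirm that the `b` flow through `SafeBuffer#insert` is still being asserted. A follow-up search for `\$(?! )` anywhere inside a comment, across the twelve changed files, would catch any other multi-expectation lines the anchored pattern skipped. The body of `m_safe_buffer_insert` starts outside its hunk.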


@@ -1,7 +1,7 @@
def m_stringify_keys
h = { a: source("a") }
x = h.stringify_keys
sink x["a"] # $hasValueFlow=a
sink x["a"] # $ hasValueFlow=a
end
m_stringify_keys()
@@ -9,7 +9,7 @@ m_stringify_keys()
def m_to_options
h = { "a" => source("a") }
x = h.to_options
sink x[:a] # $hasValueFlow=a
sink x[:a] # $ hasValueFlow=a
end
m_to_options()
@@ -17,7 +17,7 @@ m_to_options()
def m_symbolize_keys
h = { "a" => source("a") }
x = h.symbolize_keys
sink x[:a] # $hasValueFlow=a
sink x[:a] # $ hasValueFlow=a
end
m_symbolize_keys()
@@ -25,7 +25,7 @@ m_symbolize_keys()
def m_deep_stringify_keys
h = { a: source("a") }
x = h.deep_stringify_keys
sink x["a"] # $hasValueFlow=a
sink x["a"] # $ hasValueFlow=a
end
m_deep_stringify_keys()
@@ -33,7 +33,7 @@ m_deep_stringify_keys()
def m_deep_symbolize_keys
h = { "a" => source("a") }
x = h.deep_symbolize_keys
sink x[:a] # $hasValueFlow=a
sink x[:a] # $ hasValueFlow=a
end
m_deep_symbolize_keys()
@@ -41,7 +41,7 @@ m_deep_symbolize_keys()
def m_with_indifferent_access
h = { a: source("a") }
x = h.with_indifferent_access
sink x["a"] # $hasValueFlow=a
sink x["a"] # $ hasValueFlow=a
end
m_with_indifferent_access()


@@ -1,6 +1,6 @@
def m1
x = source 1
sink(Arel.sql(x)) # $hasTaintFlow=1
sink(Arel.sql(x)) # $ hasTaintFlow=1
end
def m2


@@ -1,11 +1,11 @@
sink JSON.parse(source "a") # $hasTaintFlow=a
sink JSON.parse!(source "a") # $hasTaintFlow=a
sink JSON.load(source "a") # $hasTaintFlow=a
sink JSON.restore(source "a") # $hasTaintFlow=a
sink JSON.parse(source "a") # $ hasTaintFlow=a
sink JSON.parse!(source "a") # $ hasTaintFlow=a
sink JSON.load(source "a") # $ hasTaintFlow=a
sink JSON.restore(source "a") # $ hasTaintFlow=a
sink JSON.generate(source "a") # $hasTaintFlow=a
sink JSON.fast_generate(source "a") # $hasTaintFlow=a
sink JSON.pretty_generate(source "a") # $hasTaintFlow=a
sink JSON.dump(source "a") # $hasTaintFlow=a
sink JSON.unparse(source "a") # $hasTaintFlow=a
sink JSON.fast_unparse(source "a") # $hasTaintFlow=a
sink JSON.generate(source "a") # $ hasTaintFlow=a
sink JSON.fast_generate(source "a") # $ hasTaintFlow=a
sink JSON.pretty_generate(source "a") # $ hasTaintFlow=a
sink JSON.dump(source "a") # $ hasTaintFlow=a
sink JSON.unparse(source "a") # $ hasTaintFlow=a
sink JSON.fast_unparse(source "a") # $ hasTaintFlow=a