Merge pull request #16154 from hvitved/ruby/redundant-implicit-read

Ruby: Remove two redundant `allowImplicitRead` predicates
2026-04-25 16:55:19 +02:00 · 2024-04-09 15:38:05 +02:00
parent 6f1a9d4574 e6984aa865
commit 6c9a0e4a9a
2 changed files with 0 additions and 12 deletions
--- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll
@@ -46,12 +46,6 @@ private module UnsafeCodeConstructionConfig implements DataFlow::ConfigSig {

  // override to require the path doesn't have unmatched return steps
  DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSourceCallContext }
-
-  predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet set) {
-    // allow implicit reads of array elements
-    isSink(node) and
-    set.isElementOfTypeOrUnknown("int")
-  }
 }

 /**
--- a/ruby/ql/lib/codeql/ruby/security/UnsafeShellCommandConstructionQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/UnsafeShellCommandConstructionQuery.qll
@@ -49,12 +49,6 @@ private module UnsafeShellCommandConstructionConfig implements DataFlow::ConfigS

  // override to require the path doesn't have unmatched return steps
  DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSourceCallContext }
-
-  predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet set) {
-    // allow implicit reads of array elements
-    isSink(node) and
-    set.isElementOfTypeOrUnknown("int")
-  }
 }

 /**