hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9918 from hmac/hmac/mime-type-match

Browse Source 
Ruby: Model Mime::Type
This commit is contained in:
Harry Maclean
2022-08-05 11:51:45 +12:00
committed by GitHub
parent 157bbccf62 452811dbf2
commit 74d529d3e3
7 changed files with 1027 additions and 912 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ruby/ql/test/library-tests/frameworks/ActionDispatch.expected
View File

@@ -54,3 +54,15 @@ underscore
| HTTPServerRequest | httpserver_request |
| LotsOfCapitalLetters | lots_of_capital_letters |
| invalid | invalid |
mimeTypeInstances
| action_dispatch/mime_type.rb:2:6:2:28 | Use getMember("Mime").getMethod("fetch").getReturn() |
| action_dispatch/mime_type.rb:3:6:3:32 | Use getMember("Mime").getMember("Type").getMethod("new").getReturn() |
| action_dispatch/mime_type.rb:4:6:4:35 | Use getMember("Mime").getMember("Type").getMethod("lookup").getReturn() |
| action_dispatch/mime_type.rb:5:6:5:43 | Use getMember("Mime").getMember("Type").getMethod("lookup_by_extension").getReturn() |
| action_dispatch/mime_type.rb:6:6:6:47 | Use getMember("Mime").getMember("Type").getMethod("register").getReturn() |
| action_dispatch/mime_type.rb:7:6:7:64 | Use getMember("Mime").getMember("Type").getMethod("register_alias").getReturn() |
mimeTypeMatchRegExpInterpretations
| action_dispatch/mime_type.rb:11:11:11:19 | "foo/bar" |
| action_dispatch/mime_type.rb:12:7:12:15 | "foo/bar" |
| action_dispatch/mime_type.rb:13:11:13:11 | s |
| action_dispatch/mime_type.rb:14:7:14:7 | s |

20
ruby/ql/test/library-tests/frameworks/ActionDispatch.ql
View File

@@ -1,9 +1,13 @@
private import ruby
private import codeql.ruby.frameworks.ActionDispatch
private import codeql.ruby.frameworks.ActionController
private import codeql.ruby.ApiGraphs
private import codeql.ruby.frameworks.data.ModelsAsData
private import codeql.ruby.DataFlow
private import codeql.ruby.Regexp as RE
query predicate actionDispatchRoutes(
ActionDispatch::Route r, string method, string path, string controller, string action
ActionDispatch::Routing::Route r, string method, string path, string controller, string action
) {
r.getHttpMethod() = method and
r.getPath() = path and
@@ -12,15 +16,25 @@ query predicate actionDispatchRoutes(
}
query predicate actionDispatchControllerMethods(
ActionDispatch::Route r, ActionControllerActionMethod m
ActionDispatch::Routing::Route r, ActionControllerActionMethod m
) {
m.getARoute() = r
}
query predicate underscore(string input, string output) {
output = ActionDispatch::underscore(input) and
output = ActionDispatch::Routing::underscore(input) and
input in [
"Foo", "FooBar", "Foo::Bar", "FooBar::Baz", "Foo::Bar::Baz", "Foo::Bar::BazQuux", "invalid",
"HTTPServerRequest", "LotsOfCapitalLetters"
]
}
query predicate mimeTypeInstances(API::Node n) {
n = ModelOutput::getATypeNode("actiondispatch", "Mime::Type")
}
query predicate mimeTypeMatchRegExpInterpretations(
ActionDispatch::MimeTypeMatchRegExpInterpretation s
) {
any()
}

14
ruby/ql/test/library-tests/frameworks/action_dispatch/mime_type.rb Normal file
View File

@@ -0,0 +1,14 @@
m1 = Mime["text/html"] # not recognised due to MaD limitation (can't parse method name)
m2 = Mime.fetch("text/html")
m3 = Mime::Type.new("text/html")
m4 = Mime::Type.lookup("text/html")
m5 = Mime::Type.lookup_by_extension("jpeg")
m6 = Mime::Type.register("text/calendar", :ics)
m7 = Mime::Type.register_alias("application/xml", :opf, %w(opf))
s = "foo/bar"
m2.match? "foo/bar"
m3 =~ "foo/bar"
m4.match? s
m5 =~ s