Add barrier guards for CLI injection

Harry Maclean
2021-09-03 11:45:46 +01:00
parent 4ecc78effc
commit 799ef4e4c9
4 changed files with 18 additions and 3 deletions


@@ -11,6 +11,7 @@ import ruby
import codeql.ruby.TaintTracking
import CommandInjectionCustomizations::CommandInjection
import codeql.ruby.DataFlow
import codeql.ruby.dataflow.BarrierGuards
/**
* A taint-tracking configuration for reasoning about command-injection vulnerabilities.
@@ -23,4 +24,9 @@ class Configuration extends TaintTracking::Configuration {
override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
guard instanceof StringConstCompare or
guard instanceof StringConstArrayInclusionCall
}
}
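Review bot: The new `isSanitizerGuard` override hard-codes `StringConstCompare` and `StringConstArrayInclusionCall` in the configuration, while `isSink` and `isSanitizer` on the lines just above delegate to classes from `CommandInjectionCustomizations`. As written, a downstream user cannot add or narrow guards without editing this configuration. Consider declaring an abstract guard class next to `Sanitizer` in the customizations module, making these two guards extend it, and reducing the body here to a single `guard instanceof` check against that class. The override would also benefit from a QLDoc comment such as `/** Holds if `guard` compares the tainted value against constant strings, so the value is treated as safe only on the branch where the comparison succeeds. */`. The branch-sensitivity wording is an assumption, since `BarrierGuards` is not visible here, and should be confirmed against that library. A test where the constant check is on the non-matching branch, or is followed by reassignment of the variable, would confirm the guards do not hide real command-injection flows.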