hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

added ActiveSupport::Multibyte::Chars normalize() sink

Browse Source
This commit is contained in:
Sim4n6
2023-05-25 09:21:55 +01:00
parent d772bb213a
commit 7d68f6afc9
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll
View File

@@ -105,6 +105,18 @@ class Configuration extends TaintTracking::Configuration {
mac = API::getTopLevelMember("UNF").getMember("Normalizer").getMethod("normalize") and
sink = mac.getParameter(0).asSink()
)
or
// ActiveSupport::Multibyte::Chars
exists(DataFlow::CallNode cn, DataFlow::CallNode n |
cn =
API::getTopLevelMember("ActiveSupport")
.getMember("Multibyte")
.getMember("Chars")
.getMethod("new")
.getCallNode() and
n = cn.(DataFlow::CallNode).getAMethodCall("normalize") and
sink = cn.getArgument(0)
)
) and
state instanceof PostValidation
}