hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 16:25:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Rework Sinatra.FilterJumpStep

Browse Source
This commit is contained in:
Tom Hvitved
2024-06-20 14:14:21 +02:00
parent 95c764eff6
commit 8ea4f85de3
3 changed files with 85 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
ruby/ql/lib/codeql/ruby/frameworks/Sinatra.qll
View File

@@ -279,19 +279,23 @@ module Sinatra {
filter.getApp() = route.getApp() and
// the filter applies to all routes
not filter.hasPattern() and
blockPostUpdate(pred, filter.getBody()) and
blockSelfParameterNode(succ, route.getBody().asExpr().getExpr())
blockPostSelf(pred, filter.getBody()) and
blockSelf(succ, route.getBody().asExpr().getExpr())
)
}
}
/** Holds if `n` is a post-update node for the block `b`. */
private predicate blockPostUpdate(DataFlow::PostUpdateNode n, DataFlow::BlockNode b) {
n.getPreUpdateNode() = b
/** Holds if `n` is a post-update node referencing `self` in the block `b`. */
private predicate blockPostSelf(DataFlow::PostUpdateNode n, DataFlow::BlockNode b) {
exists(SelfVariableAccessCfgNode self |
n.getPreUpdateNode().asExpr() = self and
self.getScope() = b.asExpr().getAstNode()
)
}
/** Holds if `n` is a `self` parameter belonging to block `b`. */
private predicate blockSelfParameterNode(DataFlowPrivate::LambdaSelfReferenceNode n, Block b) {
n.getCallable() = b
/** Holds if `n` is a node referencing `self` in the block `b`. */
private predicate blockSelf(DataFlow::VariableAccessNode self, Block b) {
self.getExprNode().getBasicBlock().getScope() = b and
self.asVariableAccessAstNode().getVariable() instanceof SelfVariable
}
}