mirror of
https://github.com/github/codeql.git
synced 2026-04-30 11:15:13 +02:00
Ruby: Generalize SynthHashSplatParameterNode to also work for synthesized methods
This commit is contained in:
Tom Hvitved
@@ -65,7 +65,12 @@ class DataFlowCallable extends TDataFlowCallable {
|
||||
string toString() { result = [this.asCallable().toString(), this.asLibraryCallable()] }
|
||||
|
||||
/** Gets the location of this callable. */
|
||||
Location getLocation() { result = this.asCallable().getLocation() }
|
||||
Location getLocation() {
|
||||
result = this.asCallable().getLocation()
|
||||
or
|
||||
this instanceof TLibraryCallable and
|
||||
result instanceof EmptyLocation
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -227,7 +227,9 @@ private module Cached {
|
||||
} or
|
||||
TSelfParameterNode(MethodBase m) or
|
||||
TBlockParameterNode(MethodBase m) or
|
||||
TSynthHashSplatParameterNode(MethodBase m) { m.getAParameter() instanceof KeywordParameter } or
|
||||
TSynthHashSplatParameterNode(DataFlowCallable c) {
|
||||
isParameterNode(_, c, any(ParameterPosition p | p.isKeyword(_)))
|
||||
} or
|
||||
TExprPostUpdateNode(CfgNodes::ExprCfgNode n) {
|
||||
n instanceof Argument or
|
||||
n = any(CfgNodes::ExprNodes::InstanceVariableAccessCfgNode v).getReceiver()
|
||||
@@ -477,10 +479,13 @@ private module ParameterNodes {
|
||||
abstract class ParameterNodeImpl extends NodeImpl {
|
||||
abstract Parameter getParameter();
|
||||
|
||||
abstract predicate isSourceParameterOf(Callable c, ParameterPosition pos);
|
||||
abstract predicate isParameterOf(DataFlowCallable c, ParameterPosition pos);
|
||||
|
||||
predicate isParameterOf(DataFlowCallable c, ParameterPosition pos) {
|
||||
this.isSourceParameterOf(c.asCallable(), pos)
|
||||
final predicate isSourceParameterOf(Callable c, ParameterPosition pos) {
|
||||
exists(DataFlowCallable callable |
|
||||
this.isParameterOf(callable, pos) and
|
||||
c = callable.asCallable()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -495,21 +500,23 @@ private module ParameterNodes {
|
||||
|
||||
override Parameter getParameter() { result = parameter }
|
||||
|
||||
override predicate isSourceParameterOf(Callable c, ParameterPosition pos) {
|
||||
exists(int i | pos.isPositional(i) and c.getParameter(i) = parameter |
|
||||
parameter instanceof SimpleParameter
|
||||
or
|
||||
parameter instanceof OptionalParameter
|
||||
)
|
||||
or
|
||||
parameter =
|
||||
any(KeywordParameter kp |
|
||||
c.getAParameter() = kp and
|
||||
pos.isKeyword(kp.getName())
|
||||
override predicate isParameterOf(DataFlowCallable c, ParameterPosition pos) {
|
||||
exists(Callable callable | callable = c.asCallable() |
|
||||
exists(int i | pos.isPositional(i) and callable.getParameter(i) = parameter |
|
||||
parameter instanceof SimpleParameter
|
||||
or
|
||||
parameter instanceof OptionalParameter
|
||||
)
|
||||
or
|
||||
parameter = c.getAParameter().(HashSplatParameter) and
|
||||
pos.isHashSplat()
|
||||
or
|
||||
parameter =
|
||||
any(KeywordParameter kp |
|
||||
callable.getAParameter() = kp and
|
||||
pos.isKeyword(kp.getName())
|
||||
)
|
||||
or
|
||||
parameter = callable.getAParameter().(HashSplatParameter) and
|
||||
pos.isHashSplat()
|
||||
)
|
||||
}
|
||||
|
||||
override CfgScope getCfgScope() { result = parameter.getCallable() }
|
||||
@@ -532,8 +539,8 @@ private module ParameterNodes {
|
||||
|
||||
override Parameter getParameter() { none() }
|
||||
|
||||
override predicate isSourceParameterOf(Callable c, ParameterPosition pos) {
|
||||
method = c and pos.isSelf()
|
||||
override predicate isParameterOf(DataFlowCallable c, ParameterPosition pos) {
|
||||
method = c.asCallable() and pos.isSelf()
|
||||
}
|
||||
|
||||
override CfgScope getCfgScope() { result = method }
|
||||
@@ -558,8 +565,8 @@ private module ParameterNodes {
|
||||
result = method.getAParameter() and result instanceof BlockParameter
|
||||
}
|
||||
|
||||
override predicate isSourceParameterOf(Callable c, ParameterPosition pos) {
|
||||
c = method and pos.isBlock()
|
||||
override predicate isParameterOf(DataFlowCallable c, ParameterPosition pos) {
|
||||
c.asCallable() = method and pos.isBlock()
|
||||
}
|
||||
|
||||
override CfgScope getCfgScope() { result = method }
|
||||
@@ -612,37 +619,36 @@ private module ParameterNodes {
|
||||
* collapsed anyway.
|
||||
*/
|
||||
class SynthHashSplatParameterNode extends ParameterNodeImpl, TSynthHashSplatParameterNode {
|
||||
private MethodBase method;
|
||||
private DataFlowCallable callable;
|
||||
|
||||
SynthHashSplatParameterNode() { this = TSynthHashSplatParameterNode(method) }
|
||||
|
||||
final Callable getMethod() { result = method }
|
||||
SynthHashSplatParameterNode() { this = TSynthHashSplatParameterNode(callable) }
|
||||
|
||||
/**
|
||||
* Gets a keyword parameter that will be the result of reading `c` out of this
|
||||
* synthesized node.
|
||||
*/
|
||||
NormalParameterNode getAKeywordParameter(ContentSet c) {
|
||||
exists(KeywordParameter p |
|
||||
p = result.getParameter() and
|
||||
p = method.getAParameter()
|
||||
ParameterNode getAKeywordParameter(ContentSet c) {
|
||||
exists(string name |
|
||||
isParameterNode(result, callable, any(ParameterPosition p | p.isKeyword(name)))
|
||||
|
|
||||
c = getKeywordContent(p.getName()) or
|
||||
c = getKeywordContent(name) or
|
||||
c.isSingleton(TUnknownElementContent())
|
||||
)
|
||||
}
|
||||
|
||||
override Parameter getParameter() { none() }
|
||||
final override Parameter getParameter() { none() }
|
||||
|
||||
override predicate isSourceParameterOf(Callable c, ParameterPosition pos) {
|
||||
c = method and pos.isHashSplat()
|
||||
final override predicate isParameterOf(DataFlowCallable c, ParameterPosition pos) {
|
||||
c = callable and pos.isHashSplat()
|
||||
}
|
||||
|
||||
override CfgScope getCfgScope() { result = method }
|
||||
final override CfgScope getCfgScope() { result = callable.asCallable() }
|
||||
|
||||
override Location getLocationImpl() { result = method.getLocation() }
|
||||
final override DataFlowCallable getEnclosingCallable() { result = callable }
|
||||
|
||||
override string toStringImpl() { result = "**kwargs" }
|
||||
final override Location getLocationImpl() { result = callable.getLocation() }
|
||||
|
||||
final override string toStringImpl() { result = "**kwargs" }
|
||||
}
|
||||
|
||||
/** A parameter for a library callable with a flow summary. */
|
||||
@@ -654,8 +660,6 @@ private module ParameterNodes {
|
||||
|
||||
override Parameter getParameter() { none() }
|
||||
|
||||
override predicate isSourceParameterOf(Callable c, ParameterPosition pos) { none() }
|
||||
|
||||
override predicate isParameterOf(DataFlowCallable c, ParameterPosition pos) {
|
||||
sc = c.asLibraryCallable() and pos = pos_
|
||||
}
|
||||
|
||||
@@ -19,19 +19,19 @@ edges
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:37:36:37:42 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:37:36:37:42 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:51:24:51:30 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:54:22:54:28 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:55:17:55:23 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:57:27:57:33 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:61:32:61:38 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:63:23:63:29 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:102:16:102:22 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:108:14:108:20 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:111:16:111:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:111:16:111:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:112:21:112:27 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:112:21:112:27 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:115:26:115:32 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:115:26:115:32 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:56:22:56:28 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:57:17:57:23 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:59:27:59:33 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:63:32:63:38 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:65:23:65:29 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:104:16:104:22 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:110:14:110:20 | tainted : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:113:16:113:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:113:16:113:22 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:114:21:114:27 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:114:21:114:27 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:117:26:117:32 | tainted |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | summaries.rb:117:26:117:32 | tainted |
|
||||
| summaries.rb:1:20:1:36 | call to source : | summaries.rb:1:11:1:36 | call to identity : |
|
||||
| summaries.rb:1:20:1:36 | call to source : | summaries.rb:1:11:1:36 | call to identity : |
|
||||
| summaries.rb:4:12:7:3 | call to apply_block : | summaries.rb:9:6:9:13 | tainted2 |
|
||||
@@ -64,55 +64,58 @@ edges
|
||||
| summaries.rb:44:8:44:8 | t : | summaries.rb:44:8:44:27 | call to matchedByNameRcv |
|
||||
| summaries.rb:48:24:48:41 | call to source : | summaries.rb:48:8:48:42 | call to preserveTaint |
|
||||
| summaries.rb:51:24:51:30 | tainted : | summaries.rb:51:6:51:31 | call to namedArg |
|
||||
| summaries.rb:54:22:54:28 | tainted : | summaries.rb:54:6:54:29 | call to anyArg |
|
||||
| summaries.rb:55:17:55:23 | tainted : | summaries.rb:55:6:55:24 | call to anyArg |
|
||||
| summaries.rb:57:27:57:33 | tainted : | summaries.rb:57:6:57:34 | call to anyNamedArg |
|
||||
| summaries.rb:61:32:61:38 | tainted : | summaries.rb:61:6:61:39 | call to anyPositionFromOne |
|
||||
| summaries.rb:63:23:63:29 | tainted : | summaries.rb:63:40:63:40 | x : |
|
||||
| summaries.rb:63:40:63:40 | x : | summaries.rb:64:8:64:8 | x |
|
||||
| summaries.rb:71:24:71:53 | call to source : | summaries.rb:71:8:71:54 | call to preserveTaint |
|
||||
| summaries.rb:74:26:74:56 | call to source : | summaries.rb:74:8:74:57 | call to preserveTaint |
|
||||
| summaries.rb:77:15:77:29 | call to source : | summaries.rb:79:6:79:6 | a [element 1] : |
|
||||
| summaries.rb:77:15:77:29 | call to source : | summaries.rb:79:6:79:6 | a [element 1] : |
|
||||
| summaries.rb:77:15:77:29 | call to source : | summaries.rb:81:5:81:5 | a [element 1] : |
|
||||
| summaries.rb:77:15:77:29 | call to source : | summaries.rb:81:5:81:5 | a [element 1] : |
|
||||
| summaries.rb:77:32:77:46 | call to source : | summaries.rb:80:6:80:6 | a [element 2] : |
|
||||
| summaries.rb:77:32:77:46 | call to source : | summaries.rb:80:6:80:6 | a [element 2] : |
|
||||
| summaries.rb:77:32:77:46 | call to source : | summaries.rb:85:1:85:1 | a [element 2] : |
|
||||
| summaries.rb:77:32:77:46 | call to source : | summaries.rb:85:1:85:1 | a [element 2] : |
|
||||
| summaries.rb:79:6:79:6 | a [element 1] : | summaries.rb:79:6:79:9 | ...[...] |
|
||||
| summaries.rb:79:6:79:6 | a [element 1] : | summaries.rb:79:6:79:9 | ...[...] |
|
||||
| summaries.rb:80:6:80:6 | a [element 2] : | summaries.rb:80:6:80:9 | ...[...] |
|
||||
| summaries.rb:80:6:80:6 | a [element 2] : | summaries.rb:80:6:80:9 | ...[...] |
|
||||
| summaries.rb:81:5:81:5 | a [element 1] : | summaries.rb:81:5:81:22 | call to withElementOne [element 1] : |
|
||||
| summaries.rb:81:5:81:5 | a [element 1] : | summaries.rb:81:5:81:22 | call to withElementOne [element 1] : |
|
||||
| summaries.rb:81:5:81:22 | call to withElementOne [element 1] : | summaries.rb:83:6:83:6 | b [element 1] : |
|
||||
| summaries.rb:81:5:81:22 | call to withElementOne [element 1] : | summaries.rb:83:6:83:6 | b [element 1] : |
|
||||
| summaries.rb:83:6:83:6 | b [element 1] : | summaries.rb:83:6:83:9 | ...[...] |
|
||||
| summaries.rb:83:6:83:6 | b [element 1] : | summaries.rb:83:6:83:9 | ...[...] |
|
||||
| summaries.rb:85:1:85:1 | [post] a [element 2] : | summaries.rb:88:6:88:6 | a [element 2] : |
|
||||
| summaries.rb:85:1:85:1 | [post] a [element 2] : | summaries.rb:88:6:88:6 | a [element 2] : |
|
||||
| summaries.rb:85:1:85:1 | a [element 2] : | summaries.rb:85:1:85:1 | [post] a [element 2] : |
|
||||
| summaries.rb:85:1:85:1 | a [element 2] : | summaries.rb:85:1:85:1 | [post] a [element 2] : |
|
||||
| summaries.rb:88:6:88:6 | a [element 2] : | summaries.rb:88:6:88:9 | ...[...] |
|
||||
| summaries.rb:88:6:88:6 | a [element 2] : | summaries.rb:88:6:88:9 | ...[...] |
|
||||
| summaries.rb:91:1:91:1 | [post] x [@value] : | summaries.rb:92:6:92:6 | x [@value] : |
|
||||
| summaries.rb:91:1:91:1 | [post] x [@value] : | summaries.rb:92:6:92:6 | x [@value] : |
|
||||
| summaries.rb:91:13:91:26 | call to source : | summaries.rb:91:1:91:1 | [post] x [@value] : |
|
||||
| summaries.rb:91:13:91:26 | call to source : | summaries.rb:91:1:91:1 | [post] x [@value] : |
|
||||
| summaries.rb:92:6:92:6 | x [@value] : | summaries.rb:92:6:92:16 | call to get_value |
|
||||
| summaries.rb:92:6:92:6 | x [@value] : | summaries.rb:92:6:92:16 | call to get_value |
|
||||
| summaries.rb:102:16:102:22 | [post] tainted : | summaries.rb:108:14:108:20 | tainted : |
|
||||
| summaries.rb:102:16:102:22 | [post] tainted : | summaries.rb:111:16:111:22 | tainted |
|
||||
| summaries.rb:102:16:102:22 | [post] tainted : | summaries.rb:112:21:112:27 | tainted |
|
||||
| summaries.rb:102:16:102:22 | [post] tainted : | summaries.rb:115:26:115:32 | tainted |
|
||||
| summaries.rb:102:16:102:22 | tainted : | summaries.rb:102:16:102:22 | [post] tainted : |
|
||||
| summaries.rb:102:16:102:22 | tainted : | summaries.rb:102:25:102:25 | [post] y : |
|
||||
| summaries.rb:102:16:102:22 | tainted : | summaries.rb:102:33:102:33 | [post] z : |
|
||||
| summaries.rb:102:25:102:25 | [post] y : | summaries.rb:104:6:104:6 | y |
|
||||
| summaries.rb:102:33:102:33 | [post] z : | summaries.rb:105:6:105:6 | z |
|
||||
| summaries.rb:108:1:108:1 | [post] x : | summaries.rb:109:6:109:6 | x |
|
||||
| summaries.rb:108:14:108:20 | tainted : | summaries.rb:108:1:108:1 | [post] x : |
|
||||
| summaries.rb:53:15:53:31 | call to source : | summaries.rb:54:21:54:24 | args [element :foo] : |
|
||||
| summaries.rb:54:19:54:24 | ** ... [element :foo] : | summaries.rb:54:6:54:25 | call to namedArg |
|
||||
| summaries.rb:54:21:54:24 | args [element :foo] : | summaries.rb:54:19:54:24 | ** ... [element :foo] : |
|
||||
| summaries.rb:56:22:56:28 | tainted : | summaries.rb:56:6:56:29 | call to anyArg |
|
||||
| summaries.rb:57:17:57:23 | tainted : | summaries.rb:57:6:57:24 | call to anyArg |
|
||||
| summaries.rb:59:27:59:33 | tainted : | summaries.rb:59:6:59:34 | call to anyNamedArg |
|
||||
| summaries.rb:63:32:63:38 | tainted : | summaries.rb:63:6:63:39 | call to anyPositionFromOne |
|
||||
| summaries.rb:65:23:65:29 | tainted : | summaries.rb:65:40:65:40 | x : |
|
||||
| summaries.rb:65:40:65:40 | x : | summaries.rb:66:8:66:8 | x |
|
||||
| summaries.rb:73:24:73:53 | call to source : | summaries.rb:73:8:73:54 | call to preserveTaint |
|
||||
| summaries.rb:76:26:76:56 | call to source : | summaries.rb:76:8:76:57 | call to preserveTaint |
|
||||
| summaries.rb:79:15:79:29 | call to source : | summaries.rb:81:6:81:6 | a [element 1] : |
|
||||
| summaries.rb:79:15:79:29 | call to source : | summaries.rb:81:6:81:6 | a [element 1] : |
|
||||
| summaries.rb:79:15:79:29 | call to source : | summaries.rb:83:5:83:5 | a [element 1] : |
|
||||
| summaries.rb:79:15:79:29 | call to source : | summaries.rb:83:5:83:5 | a [element 1] : |
|
||||
| summaries.rb:79:32:79:46 | call to source : | summaries.rb:82:6:82:6 | a [element 2] : |
|
||||
| summaries.rb:79:32:79:46 | call to source : | summaries.rb:82:6:82:6 | a [element 2] : |
|
||||
| summaries.rb:79:32:79:46 | call to source : | summaries.rb:87:1:87:1 | a [element 2] : |
|
||||
| summaries.rb:79:32:79:46 | call to source : | summaries.rb:87:1:87:1 | a [element 2] : |
|
||||
| summaries.rb:81:6:81:6 | a [element 1] : | summaries.rb:81:6:81:9 | ...[...] |
|
||||
| summaries.rb:81:6:81:6 | a [element 1] : | summaries.rb:81:6:81:9 | ...[...] |
|
||||
| summaries.rb:82:6:82:6 | a [element 2] : | summaries.rb:82:6:82:9 | ...[...] |
|
||||
| summaries.rb:82:6:82:6 | a [element 2] : | summaries.rb:82:6:82:9 | ...[...] |
|
||||
| summaries.rb:83:5:83:5 | a [element 1] : | summaries.rb:83:5:83:22 | call to withElementOne [element 1] : |
|
||||
| summaries.rb:83:5:83:5 | a [element 1] : | summaries.rb:83:5:83:22 | call to withElementOne [element 1] : |
|
||||
| summaries.rb:83:5:83:22 | call to withElementOne [element 1] : | summaries.rb:85:6:85:6 | b [element 1] : |
|
||||
| summaries.rb:83:5:83:22 | call to withElementOne [element 1] : | summaries.rb:85:6:85:6 | b [element 1] : |
|
||||
| summaries.rb:85:6:85:6 | b [element 1] : | summaries.rb:85:6:85:9 | ...[...] |
|
||||
| summaries.rb:85:6:85:6 | b [element 1] : | summaries.rb:85:6:85:9 | ...[...] |
|
||||
| summaries.rb:87:1:87:1 | [post] a [element 2] : | summaries.rb:90:6:90:6 | a [element 2] : |
|
||||
| summaries.rb:87:1:87:1 | [post] a [element 2] : | summaries.rb:90:6:90:6 | a [element 2] : |
|
||||
| summaries.rb:87:1:87:1 | a [element 2] : | summaries.rb:87:1:87:1 | [post] a [element 2] : |
|
||||
| summaries.rb:87:1:87:1 | a [element 2] : | summaries.rb:87:1:87:1 | [post] a [element 2] : |
|
||||
| summaries.rb:90:6:90:6 | a [element 2] : | summaries.rb:90:6:90:9 | ...[...] |
|
||||
| summaries.rb:90:6:90:6 | a [element 2] : | summaries.rb:90:6:90:9 | ...[...] |
|
||||
| summaries.rb:93:1:93:1 | [post] x [@value] : | summaries.rb:94:6:94:6 | x [@value] : |
|
||||
| summaries.rb:93:1:93:1 | [post] x [@value] : | summaries.rb:94:6:94:6 | x [@value] : |
|
||||
| summaries.rb:93:13:93:26 | call to source : | summaries.rb:93:1:93:1 | [post] x [@value] : |
|
||||
| summaries.rb:93:13:93:26 | call to source : | summaries.rb:93:1:93:1 | [post] x [@value] : |
|
||||
| summaries.rb:94:6:94:6 | x [@value] : | summaries.rb:94:6:94:16 | call to get_value |
|
||||
| summaries.rb:94:6:94:6 | x [@value] : | summaries.rb:94:6:94:16 | call to get_value |
|
||||
| summaries.rb:104:16:104:22 | [post] tainted : | summaries.rb:110:14:110:20 | tainted : |
|
||||
| summaries.rb:104:16:104:22 | [post] tainted : | summaries.rb:113:16:113:22 | tainted |
|
||||
| summaries.rb:104:16:104:22 | [post] tainted : | summaries.rb:114:21:114:27 | tainted |
|
||||
| summaries.rb:104:16:104:22 | [post] tainted : | summaries.rb:117:26:117:32 | tainted |
|
||||
| summaries.rb:104:16:104:22 | tainted : | summaries.rb:104:16:104:22 | [post] tainted : |
|
||||
| summaries.rb:104:16:104:22 | tainted : | summaries.rb:104:25:104:25 | [post] y : |
|
||||
| summaries.rb:104:16:104:22 | tainted : | summaries.rb:104:33:104:33 | [post] z : |
|
||||
| summaries.rb:104:25:104:25 | [post] y : | summaries.rb:106:6:106:6 | y |
|
||||
| summaries.rb:104:33:104:33 | [post] z : | summaries.rb:107:6:107:6 | z |
|
||||
| summaries.rb:110:1:110:1 | [post] x : | summaries.rb:111:6:111:6 | x |
|
||||
| summaries.rb:110:14:110:20 | tainted : | summaries.rb:110:1:110:1 | [post] x : |
|
||||
nodes
|
||||
| summaries.rb:1:11:1:36 | call to identity : | semmle.label | call to identity : |
|
||||
| summaries.rb:1:11:1:36 | call to identity : | semmle.label | call to identity : |
|
||||
@@ -169,72 +172,76 @@ nodes
|
||||
| summaries.rb:48:24:48:41 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:51:6:51:31 | call to namedArg | semmle.label | call to namedArg |
|
||||
| summaries.rb:51:24:51:30 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:54:6:54:29 | call to anyArg | semmle.label | call to anyArg |
|
||||
| summaries.rb:54:22:54:28 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:55:6:55:24 | call to anyArg | semmle.label | call to anyArg |
|
||||
| summaries.rb:55:17:55:23 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:57:6:57:34 | call to anyNamedArg | semmle.label | call to anyNamedArg |
|
||||
| summaries.rb:57:27:57:33 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:61:6:61:39 | call to anyPositionFromOne | semmle.label | call to anyPositionFromOne |
|
||||
| summaries.rb:61:32:61:38 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:63:23:63:29 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:63:40:63:40 | x : | semmle.label | x : |
|
||||
| summaries.rb:64:8:64:8 | x | semmle.label | x |
|
||||
| summaries.rb:71:8:71:54 | call to preserveTaint | semmle.label | call to preserveTaint |
|
||||
| summaries.rb:71:24:71:53 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:74:8:74:57 | call to preserveTaint | semmle.label | call to preserveTaint |
|
||||
| summaries.rb:74:26:74:56 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:77:15:77:29 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:77:15:77:29 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:77:32:77:46 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:77:32:77:46 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:79:6:79:6 | a [element 1] : | semmle.label | a [element 1] : |
|
||||
| summaries.rb:79:6:79:6 | a [element 1] : | semmle.label | a [element 1] : |
|
||||
| summaries.rb:79:6:79:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:79:6:79:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:80:6:80:6 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:80:6:80:6 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:80:6:80:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:80:6:80:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:81:5:81:5 | a [element 1] : | semmle.label | a [element 1] : |
|
||||
| summaries.rb:81:5:81:5 | a [element 1] : | semmle.label | a [element 1] : |
|
||||
| summaries.rb:81:5:81:22 | call to withElementOne [element 1] : | semmle.label | call to withElementOne [element 1] : |
|
||||
| summaries.rb:81:5:81:22 | call to withElementOne [element 1] : | semmle.label | call to withElementOne [element 1] : |
|
||||
| summaries.rb:83:6:83:6 | b [element 1] : | semmle.label | b [element 1] : |
|
||||
| summaries.rb:83:6:83:6 | b [element 1] : | semmle.label | b [element 1] : |
|
||||
| summaries.rb:83:6:83:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:83:6:83:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:85:1:85:1 | [post] a [element 2] : | semmle.label | [post] a [element 2] : |
|
||||
| summaries.rb:85:1:85:1 | [post] a [element 2] : | semmle.label | [post] a [element 2] : |
|
||||
| summaries.rb:85:1:85:1 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:85:1:85:1 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:88:6:88:6 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:88:6:88:6 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:88:6:88:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:88:6:88:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:91:1:91:1 | [post] x [@value] : | semmle.label | [post] x [@value] : |
|
||||
| summaries.rb:91:1:91:1 | [post] x [@value] : | semmle.label | [post] x [@value] : |
|
||||
| summaries.rb:91:13:91:26 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:91:13:91:26 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:92:6:92:6 | x [@value] : | semmle.label | x [@value] : |
|
||||
| summaries.rb:92:6:92:6 | x [@value] : | semmle.label | x [@value] : |
|
||||
| summaries.rb:92:6:92:16 | call to get_value | semmle.label | call to get_value |
|
||||
| summaries.rb:92:6:92:16 | call to get_value | semmle.label | call to get_value |
|
||||
| summaries.rb:102:16:102:22 | [post] tainted : | semmle.label | [post] tainted : |
|
||||
| summaries.rb:102:16:102:22 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:102:25:102:25 | [post] y : | semmle.label | [post] y : |
|
||||
| summaries.rb:102:33:102:33 | [post] z : | semmle.label | [post] z : |
|
||||
| summaries.rb:104:6:104:6 | y | semmle.label | y |
|
||||
| summaries.rb:105:6:105:6 | z | semmle.label | z |
|
||||
| summaries.rb:108:1:108:1 | [post] x : | semmle.label | [post] x : |
|
||||
| summaries.rb:108:14:108:20 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:109:6:109:6 | x | semmle.label | x |
|
||||
| summaries.rb:111:16:111:22 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:111:16:111:22 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:112:21:112:27 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:112:21:112:27 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:115:26:115:32 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:115:26:115:32 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:53:15:53:31 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:54:6:54:25 | call to namedArg | semmle.label | call to namedArg |
|
||||
| summaries.rb:54:19:54:24 | ** ... [element :foo] : | semmle.label | ** ... [element :foo] : |
|
||||
| summaries.rb:54:21:54:24 | args [element :foo] : | semmle.label | args [element :foo] : |
|
||||
| summaries.rb:56:6:56:29 | call to anyArg | semmle.label | call to anyArg |
|
||||
| summaries.rb:56:22:56:28 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:57:6:57:24 | call to anyArg | semmle.label | call to anyArg |
|
||||
| summaries.rb:57:17:57:23 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:59:6:59:34 | call to anyNamedArg | semmle.label | call to anyNamedArg |
|
||||
| summaries.rb:59:27:59:33 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:63:6:63:39 | call to anyPositionFromOne | semmle.label | call to anyPositionFromOne |
|
||||
| summaries.rb:63:32:63:38 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:65:23:65:29 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:65:40:65:40 | x : | semmle.label | x : |
|
||||
| summaries.rb:66:8:66:8 | x | semmle.label | x |
|
||||
| summaries.rb:73:8:73:54 | call to preserveTaint | semmle.label | call to preserveTaint |
|
||||
| summaries.rb:73:24:73:53 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:76:8:76:57 | call to preserveTaint | semmle.label | call to preserveTaint |
|
||||
| summaries.rb:76:26:76:56 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:79:15:79:29 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:79:15:79:29 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:79:32:79:46 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:79:32:79:46 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:81:6:81:6 | a [element 1] : | semmle.label | a [element 1] : |
|
||||
| summaries.rb:81:6:81:6 | a [element 1] : | semmle.label | a [element 1] : |
|
||||
| summaries.rb:81:6:81:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:81:6:81:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:82:6:82:6 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:82:6:82:6 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:82:6:82:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:82:6:82:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:83:5:83:5 | a [element 1] : | semmle.label | a [element 1] : |
|
||||
| summaries.rb:83:5:83:5 | a [element 1] : | semmle.label | a [element 1] : |
|
||||
| summaries.rb:83:5:83:22 | call to withElementOne [element 1] : | semmle.label | call to withElementOne [element 1] : |
|
||||
| summaries.rb:83:5:83:22 | call to withElementOne [element 1] : | semmle.label | call to withElementOne [element 1] : |
|
||||
| summaries.rb:85:6:85:6 | b [element 1] : | semmle.label | b [element 1] : |
|
||||
| summaries.rb:85:6:85:6 | b [element 1] : | semmle.label | b [element 1] : |
|
||||
| summaries.rb:85:6:85:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:85:6:85:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:87:1:87:1 | [post] a [element 2] : | semmle.label | [post] a [element 2] : |
|
||||
| summaries.rb:87:1:87:1 | [post] a [element 2] : | semmle.label | [post] a [element 2] : |
|
||||
| summaries.rb:87:1:87:1 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:87:1:87:1 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:90:6:90:6 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:90:6:90:6 | a [element 2] : | semmle.label | a [element 2] : |
|
||||
| summaries.rb:90:6:90:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:90:6:90:9 | ...[...] | semmle.label | ...[...] |
|
||||
| summaries.rb:93:1:93:1 | [post] x [@value] : | semmle.label | [post] x [@value] : |
|
||||
| summaries.rb:93:1:93:1 | [post] x [@value] : | semmle.label | [post] x [@value] : |
|
||||
| summaries.rb:93:13:93:26 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:93:13:93:26 | call to source : | semmle.label | call to source : |
|
||||
| summaries.rb:94:6:94:6 | x [@value] : | semmle.label | x [@value] : |
|
||||
| summaries.rb:94:6:94:6 | x [@value] : | semmle.label | x [@value] : |
|
||||
| summaries.rb:94:6:94:16 | call to get_value | semmle.label | call to get_value |
|
||||
| summaries.rb:94:6:94:16 | call to get_value | semmle.label | call to get_value |
|
||||
| summaries.rb:104:16:104:22 | [post] tainted : | semmle.label | [post] tainted : |
|
||||
| summaries.rb:104:16:104:22 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:104:25:104:25 | [post] y : | semmle.label | [post] y : |
|
||||
| summaries.rb:104:33:104:33 | [post] z : | semmle.label | [post] z : |
|
||||
| summaries.rb:106:6:106:6 | y | semmle.label | y |
|
||||
| summaries.rb:107:6:107:6 | z | semmle.label | z |
|
||||
| summaries.rb:110:1:110:1 | [post] x : | semmle.label | [post] x : |
|
||||
| summaries.rb:110:14:110:20 | tainted : | semmle.label | tainted : |
|
||||
| summaries.rb:111:6:111:6 | x | semmle.label | x |
|
||||
| summaries.rb:113:16:113:22 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:113:16:113:22 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:114:21:114:27 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:114:21:114:27 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:117:26:117:32 | tainted | semmle.label | tainted |
|
||||
| summaries.rb:117:26:117:32 | tainted | semmle.label | tainted |
|
||||
subpaths
|
||||
invalidSpecComponent
|
||||
#select
|
||||
@@ -265,32 +272,33 @@ invalidSpecComponent
|
||||
| summaries.rb:44:8:44:27 | call to matchedByNameRcv | summaries.rb:40:7:40:17 | call to source : | summaries.rb:44:8:44:27 | call to matchedByNameRcv | $@ | summaries.rb:40:7:40:17 | call to source : | call to source : |
|
||||
| summaries.rb:48:8:48:42 | call to preserveTaint | summaries.rb:48:24:48:41 | call to source : | summaries.rb:48:8:48:42 | call to preserveTaint | $@ | summaries.rb:48:24:48:41 | call to source : | call to source : |
|
||||
| summaries.rb:51:6:51:31 | call to namedArg | summaries.rb:1:20:1:36 | call to source : | summaries.rb:51:6:51:31 | call to namedArg | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:54:6:54:29 | call to anyArg | summaries.rb:1:20:1:36 | call to source : | summaries.rb:54:6:54:29 | call to anyArg | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:55:6:55:24 | call to anyArg | summaries.rb:1:20:1:36 | call to source : | summaries.rb:55:6:55:24 | call to anyArg | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:57:6:57:34 | call to anyNamedArg | summaries.rb:1:20:1:36 | call to source : | summaries.rb:57:6:57:34 | call to anyNamedArg | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:61:6:61:39 | call to anyPositionFromOne | summaries.rb:1:20:1:36 | call to source : | summaries.rb:61:6:61:39 | call to anyPositionFromOne | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:64:8:64:8 | x | summaries.rb:1:20:1:36 | call to source : | summaries.rb:64:8:64:8 | x | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:71:8:71:54 | call to preserveTaint | summaries.rb:71:24:71:53 | call to source : | summaries.rb:71:8:71:54 | call to preserveTaint | $@ | summaries.rb:71:24:71:53 | call to source : | call to source : |
|
||||
| summaries.rb:74:8:74:57 | call to preserveTaint | summaries.rb:74:26:74:56 | call to source : | summaries.rb:74:8:74:57 | call to preserveTaint | $@ | summaries.rb:74:26:74:56 | call to source : | call to source : |
|
||||
| summaries.rb:79:6:79:9 | ...[...] | summaries.rb:77:15:77:29 | call to source : | summaries.rb:79:6:79:9 | ...[...] | $@ | summaries.rb:77:15:77:29 | call to source : | call to source : |
|
||||
| summaries.rb:79:6:79:9 | ...[...] | summaries.rb:77:15:77:29 | call to source : | summaries.rb:79:6:79:9 | ...[...] | $@ | summaries.rb:77:15:77:29 | call to source : | call to source : |
|
||||
| summaries.rb:80:6:80:9 | ...[...] | summaries.rb:77:32:77:46 | call to source : | summaries.rb:80:6:80:9 | ...[...] | $@ | summaries.rb:77:32:77:46 | call to source : | call to source : |
|
||||
| summaries.rb:80:6:80:9 | ...[...] | summaries.rb:77:32:77:46 | call to source : | summaries.rb:80:6:80:9 | ...[...] | $@ | summaries.rb:77:32:77:46 | call to source : | call to source : |
|
||||
| summaries.rb:83:6:83:9 | ...[...] | summaries.rb:77:15:77:29 | call to source : | summaries.rb:83:6:83:9 | ...[...] | $@ | summaries.rb:77:15:77:29 | call to source : | call to source : |
|
||||
| summaries.rb:83:6:83:9 | ...[...] | summaries.rb:77:15:77:29 | call to source : | summaries.rb:83:6:83:9 | ...[...] | $@ | summaries.rb:77:15:77:29 | call to source : | call to source : |
|
||||
| summaries.rb:88:6:88:9 | ...[...] | summaries.rb:77:32:77:46 | call to source : | summaries.rb:88:6:88:9 | ...[...] | $@ | summaries.rb:77:32:77:46 | call to source : | call to source : |
|
||||
| summaries.rb:88:6:88:9 | ...[...] | summaries.rb:77:32:77:46 | call to source : | summaries.rb:88:6:88:9 | ...[...] | $@ | summaries.rb:77:32:77:46 | call to source : | call to source : |
|
||||
| summaries.rb:92:6:92:16 | call to get_value | summaries.rb:91:13:91:26 | call to source : | summaries.rb:92:6:92:16 | call to get_value | $@ | summaries.rb:91:13:91:26 | call to source : | call to source : |
|
||||
| summaries.rb:92:6:92:16 | call to get_value | summaries.rb:91:13:91:26 | call to source : | summaries.rb:92:6:92:16 | call to get_value | $@ | summaries.rb:91:13:91:26 | call to source : | call to source : |
|
||||
| summaries.rb:104:6:104:6 | y | summaries.rb:1:20:1:36 | call to source : | summaries.rb:104:6:104:6 | y | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:105:6:105:6 | z | summaries.rb:1:20:1:36 | call to source : | summaries.rb:105:6:105:6 | z | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:109:6:109:6 | x | summaries.rb:1:20:1:36 | call to source : | summaries.rb:109:6:109:6 | x | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:111:16:111:22 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:111:16:111:22 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:111:16:111:22 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:111:16:111:22 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:112:21:112:27 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:112:21:112:27 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:112:21:112:27 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:112:21:112:27 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:115:26:115:32 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:115:26:115:32 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:115:26:115:32 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:115:26:115:32 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:54:6:54:25 | call to namedArg | summaries.rb:53:15:53:31 | call to source : | summaries.rb:54:6:54:25 | call to namedArg | $@ | summaries.rb:53:15:53:31 | call to source : | call to source : |
|
||||
| summaries.rb:56:6:56:29 | call to anyArg | summaries.rb:1:20:1:36 | call to source : | summaries.rb:56:6:56:29 | call to anyArg | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:57:6:57:24 | call to anyArg | summaries.rb:1:20:1:36 | call to source : | summaries.rb:57:6:57:24 | call to anyArg | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:59:6:59:34 | call to anyNamedArg | summaries.rb:1:20:1:36 | call to source : | summaries.rb:59:6:59:34 | call to anyNamedArg | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:63:6:63:39 | call to anyPositionFromOne | summaries.rb:1:20:1:36 | call to source : | summaries.rb:63:6:63:39 | call to anyPositionFromOne | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:66:8:66:8 | x | summaries.rb:1:20:1:36 | call to source : | summaries.rb:66:8:66:8 | x | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:73:8:73:54 | call to preserveTaint | summaries.rb:73:24:73:53 | call to source : | summaries.rb:73:8:73:54 | call to preserveTaint | $@ | summaries.rb:73:24:73:53 | call to source : | call to source : |
|
||||
| summaries.rb:76:8:76:57 | call to preserveTaint | summaries.rb:76:26:76:56 | call to source : | summaries.rb:76:8:76:57 | call to preserveTaint | $@ | summaries.rb:76:26:76:56 | call to source : | call to source : |
|
||||
| summaries.rb:81:6:81:9 | ...[...] | summaries.rb:79:15:79:29 | call to source : | summaries.rb:81:6:81:9 | ...[...] | $@ | summaries.rb:79:15:79:29 | call to source : | call to source : |
|
||||
| summaries.rb:81:6:81:9 | ...[...] | summaries.rb:79:15:79:29 | call to source : | summaries.rb:81:6:81:9 | ...[...] | $@ | summaries.rb:79:15:79:29 | call to source : | call to source : |
|
||||
| summaries.rb:82:6:82:9 | ...[...] | summaries.rb:79:32:79:46 | call to source : | summaries.rb:82:6:82:9 | ...[...] | $@ | summaries.rb:79:32:79:46 | call to source : | call to source : |
|
||||
| summaries.rb:82:6:82:9 | ...[...] | summaries.rb:79:32:79:46 | call to source : | summaries.rb:82:6:82:9 | ...[...] | $@ | summaries.rb:79:32:79:46 | call to source : | call to source : |
|
||||
| summaries.rb:85:6:85:9 | ...[...] | summaries.rb:79:15:79:29 | call to source : | summaries.rb:85:6:85:9 | ...[...] | $@ | summaries.rb:79:15:79:29 | call to source : | call to source : |
|
||||
| summaries.rb:85:6:85:9 | ...[...] | summaries.rb:79:15:79:29 | call to source : | summaries.rb:85:6:85:9 | ...[...] | $@ | summaries.rb:79:15:79:29 | call to source : | call to source : |
|
||||
| summaries.rb:90:6:90:9 | ...[...] | summaries.rb:79:32:79:46 | call to source : | summaries.rb:90:6:90:9 | ...[...] | $@ | summaries.rb:79:32:79:46 | call to source : | call to source : |
|
||||
| summaries.rb:90:6:90:9 | ...[...] | summaries.rb:79:32:79:46 | call to source : | summaries.rb:90:6:90:9 | ...[...] | $@ | summaries.rb:79:32:79:46 | call to source : | call to source : |
|
||||
| summaries.rb:94:6:94:16 | call to get_value | summaries.rb:93:13:93:26 | call to source : | summaries.rb:94:6:94:16 | call to get_value | $@ | summaries.rb:93:13:93:26 | call to source : | call to source : |
|
||||
| summaries.rb:94:6:94:16 | call to get_value | summaries.rb:93:13:93:26 | call to source : | summaries.rb:94:6:94:16 | call to get_value | $@ | summaries.rb:93:13:93:26 | call to source : | call to source : |
|
||||
| summaries.rb:106:6:106:6 | y | summaries.rb:1:20:1:36 | call to source : | summaries.rb:106:6:106:6 | y | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:107:6:107:6 | z | summaries.rb:1:20:1:36 | call to source : | summaries.rb:107:6:107:6 | z | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:111:6:111:6 | x | summaries.rb:1:20:1:36 | call to source : | summaries.rb:111:6:111:6 | x | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:113:16:113:22 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:113:16:113:22 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:113:16:113:22 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:113:16:113:22 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:114:21:114:27 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:114:21:114:27 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:114:21:114:27 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:114:21:114:27 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:117:26:117:32 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:117:26:117:32 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
| summaries.rb:117:26:117:32 | tainted | summaries.rb:1:20:1:36 | call to source : | summaries.rb:117:26:117:32 | tainted | $@ | summaries.rb:1:20:1:36 | call to source : | call to source : |
|
||||
warning
|
||||
| CSV type row should have 5 columns but has 2: test;TooFewColumns |
|
||||
| CSV type row should have 5 columns but has 8: test;TooManyColumns;;;Member[Foo].Instance;too;many;columns |
|
||||
|
||||
@@ -50,6 +50,8 @@ end
|
||||
|
||||
sink(Foo.namedArg(foo: tainted)) # $ hasTaintFlow=tainted
|
||||
sink(Foo.namedArg(tainted))
|
||||
args = { foo: source("tainted") }
|
||||
sink(Foo.namedArg(**args)) # $ hasTaintFlow=tainted
|
||||
|
||||
sink(Foo.anyArg(foo: tainted)) # $ hasTaintFlow=tainted
|
||||
sink(Foo.anyArg(tainted)) # $ hasTaintFlow=tainted
|
||||
|
||||
Reference in New Issue
Block a user