hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix #19294, Ruby NetHttpRequest improvements

Browse Source
This commit is contained in:
Matt Schwager
2025-07-21 15:17:54 -04:00
parent 05572b49de
commit 9da94fb880
2 changed files with 26 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
View File

@@ -12,15 +12,22 @@ private import codeql.ruby.DataFlow
/** /**
* A `Net::HTTP` call which initiates an HTTP request. * A `Net::HTTP` call which initiates an HTTP request.
* ```ruby * ```ruby
* # one-off request
* Net::HTTP.get("http://example.com/") * Net::HTTP.get("http://example.com/")
* Net::HTTP.post("http://example.com/", "some_data") * Net::HTTP.post("http://example.com/", "some_data")
* req = Net::HTTP.new("example.com") * req = Net::HTTP.new("example.com")
* response = req.get("/") * response = req.get("/")
*
* # connection re-use
* Net::HTTP.start("http://example.com") do |http|
* http.get("/")
* end
* ``` * ```
*/ */
class NetHttpRequest extends Http::Client::Request::Range instanceof DataFlow::CallNode { class NetHttpRequest extends Http::Client::Request::Range instanceof DataFlow::CallNode {
private DataFlow::CallNode request; private DataFlow::CallNode request;
private API::Node requestNode; API::Node requestNode;
API::Node connectionNode;
private boolean returnsResponseBody; private boolean returnsResponseBody;
NetHttpRequest() { NetHttpRequest() {
@@ -30,20 +37,27 @@ class NetHttpRequest extends Http::Client::Request::Range instanceof DataFlow::C
| |
// Net::HTTP.get(...) // Net::HTTP.get(...)
method in ["get", "get_response"] and method in ["get", "get_response"] and
requestNode = API::getTopLevelMember("Net").getMember("HTTP").getReturn(method) and connectionNode = API::getTopLevelMember("Net").getMember("HTTP") and
requestNode = connectionNode.getReturn(method) and
returnsResponseBody = true returnsResponseBody = true
or or
// Net::HTTP.post(...).body // Net::HTTP.post(...).body
method in ["post", "post_form"] and method in ["post", "post_form"] and
requestNode = API::getTopLevelMember("Net").getMember("HTTP").getReturn(method) and connectionNode = API::getTopLevelMember("Net").getMember("HTTP") and
requestNode = connectionNode.getReturn(method) and
returnsResponseBody = false returnsResponseBody = false
or or
// Net::HTTP.new(..).get(..).body // Net::HTTP.new(..).get(..).body
// Net::HTTP.start(..) do |http| http.get(..) end
method in [ method in [
"get", "get2", "request_get", "head", "head2", "request_head", "delete", "put", "patch", "get", "get2", "request_get", "head", "head2", "request_head", "delete", "put", "patch",
"post", "post2", "request_post", "request" "post", "post2", "request_post", "request"
] and ] and
requestNode = API::getTopLevelMember("Net").getMember("HTTP").getInstance().getReturn(method) and connectionNode = [
API::getTopLevelMember("Net").getMember("HTTP").getInstance(),
API::getTopLevelMember("Net").getMember("HTTP").getMethod("start").getBlock().getParameter(0)
] and
requestNode = connectionNode.getReturn(method) and
returnsResponseBody = false returnsResponseBody = false
) )
} }

8
ruby/ql/test/library-tests/frameworks/http_clients/NetHttp.rb
View File

@@ -27,3 +27,11 @@ end
get("example.com", "/").body get("example.com", "/").body
Net::HTTP.post(uri, "some_body") # note: response body not accessed Net::HTTP.post(uri, "some_body") # note: response body not accessed
http = Net::HTTP.new("https://example.com")
root_get = Net::HTTP::Get.new("/")
http.request(root_get)
Net::HTTP.start("https://example.com") do |http|
http.get("/")
end