hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 22:44:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #18572 from asgerf/rb/diff-informed2

Browse Source 
Ruby: fix and improve diff-informed queries
This commit is contained in:
Asger F
2025-01-24 11:05:46 +01:00
committed by GitHub
parent 1b7977bf90 fcb8cac930
commit a54e732aab
9 changed files with 65 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ruby/ql/lib/codeql/ruby/security/ConditionalBypassQuery.qll
View File

@@ -19,6 +19,10 @@ private module Config implements DataFlow::ConfigSig {
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
predicate observeDiffInformedIncrementalMode() { any() }
Location getASelectedSinkLocation(DataFlow::Node sink) {
result = sink.getLocation() or result = sink.(Sink).getAction().getLocation()
}
}
/**

6
ruby/ql/lib/codeql/ruby/security/InsecureDownloadQuery.qll
View File

@@ -22,6 +22,12 @@ private module InsecureDownloadConfig implements DataFlow::StateConfigSig {
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
predicate observeDiffInformedIncrementalMode() { any() }
Location getASelectedSinkLocation(DataFlow::Node sink) {
result = sink.(Sink).getLocation()
or
result = sink.(Sink).getDownloadCall().getLocation()
}
}
/**

6
ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll
View File

@@ -26,6 +26,12 @@ private module UnsafeCodeConstructionConfig implements DataFlow::ConfigSig {
DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSourceCallContext }
predicate observeDiffInformedIncrementalMode() { any() }
Location getASelectedSinkLocation(DataFlow::Node sink) {
result = sink.(Sink).getLocation()
or
result = sink.(Sink).getCodeSink().getLocation()
}
}
/**

6
ruby/ql/lib/codeql/ruby/security/UnsafeHtmlConstructionQuery.qll
View File

@@ -23,6 +23,12 @@ private module UnsafeHtmlConstructionConfig implements DataFlow::ConfigSig {
DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSourceCallContext }
predicate observeDiffInformedIncrementalMode() { any() }
Location getASelectedSinkLocation(DataFlow::Node sink) {
result = sink.(Sink).getLocation()
or
result = sink.(Sink).getXssSink().getLocation()
}
}
/**

8
ruby/ql/lib/codeql/ruby/security/UnsafeShellCommandConstructionQuery.qll
View File

@@ -28,6 +28,14 @@ private module UnsafeShellCommandConstructionConfig implements DataFlow::ConfigS
DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSourceCallContext }
predicate observeDiffInformedIncrementalMode() { any() }
Location getASelectedSinkLocation(DataFlow::Node sink) {
result = sink.(Sink).getLocation()
or
result = sink.(Sink).getStringConstruction().getLocation()
or
result = sink.(Sink).getCommandExecution().getLocation()
}
}
/**

8
ruby/ql/lib/codeql/ruby/security/regexp/MissingFullAnchorQuery.qll
View File

@@ -19,6 +19,14 @@ private module MissingFullAnchorConfig implements DataFlow::ConfigSig {
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
predicate observeDiffInformedIncrementalMode() { any() }
Location getASelectedSinkLocation(DataFlow::Node sink) {
result = sink.(Sink).getLocation()
or
result = sink.(Sink).getCallNode().getLocation()
or
result = sink.(Sink).getRegex().getLocation()
}
}
/**

8
ruby/ql/lib/codeql/ruby/security/regexp/PolynomialReDoSQuery.qll
View File

@@ -20,6 +20,14 @@ private module PolynomialReDoSConfig implements DataFlow::ConfigSig {
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
predicate observeDiffInformedIncrementalMode() { any() }
Location getASelectedSinkLocation(DataFlow::Node sink) {
result = sink.(Sink).getLocation()
or
result = sink.(Sink).getHighlight().getLocation()
or
result = sink.(Sink).getRegExp().getLocation()
}
}
/**