hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: renames for rb/insecure-download

Browse Source
This commit is contained in:
Alex Ford
2023-08-31 16:36:55 +01:00
parent c973fc1274
commit a8ad0d8ff5
3 changed files with 21 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ruby/ql/test/query-tests/security/cwe-829/InsecureDownload.ql
View File

@@ -1,7 +1,5 @@
import codeql.ruby.AST
import codeql.ruby.DataFlow
import codeql.ruby.security.InsecureDownloadQuery
import Flow::PathGraph
import InsecureDownloadFlow::PathGraph
import TestUtilities.InlineExpectationsTest
import TestUtilities.InlineFlowTestUtil
@@ -10,7 +8,7 @@ module FlowTest implements TestSig {
predicate hasActualResult(Location location, string element, string tag, string value) {
tag = "BAD" and
exists(DataFlow::Node src, DataFlow::Node sink | Flow::flow(src, sink) |
exists(DataFlow::Node src, DataFlow::Node sink | InsecureDownloadFlow::flow(src, sink) |
sink.getLocation() = location and
element = sink.toString() and
if exists(getSourceArgString(src)) then value = getSourceArgString(src) else value = ""
@@ -20,6 +18,6 @@ module FlowTest implements TestSig {
import MakeTest<FlowTest>
from Flow::PathNode source, Flow::PathNode sink
where Flow::flowPath(source, sink)
from InsecureDownloadFlow::PathNode source, InsecureDownloadFlow::PathNode sink
where InsecureDownloadFlow::flowPath(source, sink)
select sink, source, sink, "$@", source, source.toString()