Ruby: Add test for documenting missing flow through destructured parameters

2026-04-30 03:05:15 +02:00 · 2023-08-10 20:22:11 +02:00
parent 3e2c6d69f9
commit b28f60ccd2
1 changed files with 10 additions and 0 deletions
--- a/ruby/ql/test/library-tests/dataflow/params/params_flow.rb
+++ b/ruby/ql/test/library-tests/dataflow/params/params_flow.rb
@@ -116,3 +116,13 @@ splat_followed_by_keyword_param(taint(58), taint(59), c: taint(60))
 x = []
 x[some_index()] = taint(61)
 positional(*x)
+
+def destruct((a,b), (c,(d,e)))
+    sink a # $ MISSING: hasValueFlow=62
+    sink b # $ MISSING: hasValueFlow=63
+    sink c # $ MISSING: hasValueFlow=64
+    sink d
+    sink e # $ MISSING: hasValueFlow=65
+end
+
+destruct([taint(62), taint(63)], [taint(64), [0, taint(65)]])