hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 23:35:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Address comments

Browse Source
This commit is contained in:
Arthur Baars
2021-05-26 13:35:45 +02:00
parent 423a1b39e1
commit bacbd5e997
3 changed files with 18 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
ql/src/codeql_ruby/dataflow/internal/DataFlowPrivate.qll
View File

@@ -3,6 +3,7 @@ private import codeql_ruby.CFG
private import codeql_ruby.dataflow.SSA
private import DataFlowPublic
private import DataFlowDispatch
private import SsaImpl as SsaImpl
abstract class NodeImpl extends Node {
/** Do not call: use `getEnclosingCallable()` instead. */
@@ -50,8 +51,11 @@ module LocalFlow {
*/
predicate localSsaFlowStep(Ssa::Definition def, Node nodeFrom, Node nodeTo) {
// Flow from parameter into SSA definition
nodeFrom.(ParameterNode).getParameter().(NamedParameter).getVariable() = def.getSourceVariable() and
nodeTo.(SsaDefinitionNode).getDefinition() = def
exists(BasicBlock bb, int i |
bb.getNode(i).getNode() =
nodeFrom.(ParameterNode).getParameter().(NamedParameter).getDefiningAccess() and
nodeTo.(SsaDefinitionNode).getDefinition().definesAt(_, bb, i)
)
or
// Flow from assignment into SSA definition
exists(CfgNodes::ExprNodes::AssignmentCfgNode a, BasicBlock bb, int i |
@@ -227,13 +231,13 @@ private module ParameterNodes {
abstract private class ParameterNodeImpl extends ParameterNode, NodeImpl { }
/**
* The value of an explicit parameter at function entry, viewed as a node in a data
* The value of a normal parameter at function entry, viewed as a node in a data
* flow graph.
*/
class ExplicitParameterNode extends ParameterNodeImpl, TNormalParameterNode {
class NormalParameterNode extends ParameterNodeImpl, TNormalParameterNode {
private Parameter parameter;
ExplicitParameterNode() { this = TNormalParameterNode(parameter) }
NormalParameterNode() { this = TNormalParameterNode(parameter) }
override Parameter getParameter() { result = parameter }
@@ -439,7 +443,13 @@ private module OutNodes {
import OutNodes
predicate jumpStep(Node pred, Node succ) { none() }
predicate jumpStep(Node pred, Node succ) {
SsaImpl::captureFlowIn(pred.(SsaDefinitionNode).getDefinition(),
succ.(SsaDefinitionNode).getDefinition())
or
SsaImpl::captureFlowOut(pred.(SsaDefinitionNode).getDefinition(),
succ.(SsaDefinitionNode).getDefinition())
}
predicate storeStep(Node node1, Content c, Node node2) { none() }

2
ql/src/codeql_ruby/dataflow/internal/SsaImpl.qll
View File

@@ -198,7 +198,7 @@ private module Cached {
}
/**
* Holds if there is outgoinh flow for a captured variable that is updated in a block.
* Holds if there is outgoing flow for a captured variable that is updated in a block.
* ```rb
* foo = 0
* bar {

10
ql/src/codeql_ruby/typetracking/TypeTrackerSpecific.qll
View File

@@ -12,15 +12,7 @@ class LocalSourceNode = DataFlowPublic::LocalSourceNode;
predicate simpleLocalFlowStep = DataFlowPrivate::simpleLocalFlowStep/2;
predicate jumpStep(Node nodeFrom, Node nodeTo) {
DataFlowPrivate::jumpStep(nodeFrom, nodeTo)
or
SsaImpl::captureFlowIn(nodeFrom.(DataFlowPrivate::SsaDefinitionNode).getDefinition(),
nodeTo.(DataFlowPrivate::SsaDefinitionNode).getDefinition())
or
SsaImpl::captureFlowOut(nodeFrom.(DataFlowPrivate::SsaDefinitionNode).getDefinition(),
nodeTo.(DataFlowPrivate::SsaDefinitionNode).getDefinition())
}
predicate jumpStep = DataFlowPrivate::jumpStep/2;
/**
* Gets the name of a possible piece of content. This will usually include things like