hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 14:04:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Resolve semantic conflicts after rebase

Browse Source
This commit is contained in:
Tom Hvitved
2021-09-21 11:07:58 +02:00
parent 564c76c41f
commit cdc359527a
3 changed files with 4 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll
View File

@@ -424,9 +424,9 @@ DataFlowCallable viableImplInCallContext(DataFlowCall call, DataFlowCall ctx) {
/**
* Holds if `e` is an `ExprNode` that may be returned by a call to `c`.
*/
predicate exprNodeReturnedFrom(DataFlow::ExprNode e, DataFlowCallable c) {
predicate exprNodeReturnedFrom(DataFlow::ExprNode e, Callable c) {
exists(ReturnNode r |
r.getEnclosingCallable() = c and
r.getEnclosingCallable().asCallable() = c and
(
r.(ExplicitReturnNode).getReturningNode().getReturnedValueNode() = e.asExpr() or
r.(ExprReturnNode) = e

6
ql/lib/codeql/ruby/frameworks/StandardLibrary.qll
View File

@@ -2,8 +2,6 @@ private import codeql.ruby.AST
private import codeql.ruby.Concepts
private import codeql.ruby.DataFlow
private import codeql.ruby.ApiGraphs
private import codeql.ruby.dataflow.internal.DataFlowDispatch
private import codeql.ruby.dataflow.internal.DataFlowImplCommon
/**
* The `Kernel` module is included by the `Object` class, so its methods are available
@@ -17,9 +15,7 @@ class KernelMethodCall extends MethodCall {
// we assume that if there's no obvious target for this method call
// and the method name matches a Kernel method, then it is a Kernel method call.
// TODO: ApiGraphs should ideally handle this case
not exists(DataFlowCallable method, DataFlowCall call |
viableCallable(call) = method and call.getExpr() = this
) and
not exists(this.(Call).getATarget()) and
(
this.getReceiver() instanceof Self and isPrivateKernelMethod(this.getMethodName())
or

1
ql/test/library-tests/dataflow/summaries/Summaries.expected
View File

@@ -25,6 +25,7 @@ nodes
| summaries.rb:16:12:16:43 | call to apply_lambda : | semmle.label | call to apply_lambda : |
| summaries.rb:16:36:16:42 | tainted : | semmle.label | tainted : |
| summaries.rb:18:6:18:13 | tainted3 | semmle.label | tainted3 |
subpaths
invalidSpecComponent
#select
| summaries.rb:2:6:2:12 | tainted | summaries.rb:1:20:1:26 | "taint" : | summaries.rb:2:6:2:12 | tainted | $@ | summaries.rb:1:20:1:26 | "taint" : | "taint" : |