Merge pull request #11022 from hmac/try-code-injection

Ruby: try/try! as code execution

ruby/ql/test/library-tests/frameworks/active_support/ActiveSupport.expected

@@ -5,3 +5,12 @@ constantizeCalls
 loggerInstantiations
 | active_support.rb:6:1:6:33 | call to new |
 | active_support.rb:7:1:7:40 | call to new |
+codeExecutions
+| active_support.rb:1:1:1:22 | call to constantize |
+| active_support.rb:3:1:3:13 | call to constantize |
+| active_support.rb:4:1:4:18 | call to safe_constantize |
+| active_support.rb:296:5:296:18 | call to try |
+| active_support.rb:297:5:297:17 | call to try |
+| active_support.rb:298:5:298:19 | call to try! |
+| active_support.rb:298:5:298:35 | call to try! |
+| active_support.rb:299:5:299:18 | call to try! |

ruby/ql/test/library-tests/frameworks/active_support/ActiveSupport.ql

@@ -1,9 +1,12 @@
 import codeql.ruby.frameworks.ActiveSupport
 import codeql.ruby.DataFlow
 import codeql.ruby.frameworks.stdlib.Logger
+import codeql.ruby.Concepts
 
 query DataFlow::Node constantizeCalls(ActiveSupport::CoreExtensions::String::Constantize c) {
   result = c.getCode()
 }
 
 query predicate loggerInstantiations(Logger::LoggerInstantiation l) { any() }
+
+query predicate codeExecutions(CodeExecution c) { any() }

ruby/ql/test/library-tests/frameworks/active_support/active_support.rb

@@ -290,3 +290,11 @@ def m_deep_dup
   x = source "a"
   sink x.deep_dup # $hasValueFlow=a
 end
+
+def m_try(method)
+    x = "abc"
+    x.try(:upcase)
+    x.try(method)
+    x.try!(:upcase).try!(:downcase)
+    x.try!(method)
+end