hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-23 15:55:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Reinstate Mysql2 sanitizer in MaD

Browse Source
This commit is contained in:
Owen Mansel-Chan
2026-02-17 15:42:21 +00:00
parent 3e4f42f8a3
commit d4bb92b038
2 changed files with 5 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ruby/ql/lib/codeql/ruby/frameworks/Mysql2.model.yml
View File

@@ -4,3 +4,8 @@ extensions:
extensible: summaryModel
data:
- ['Mysql2::Client!', 'Method[escape]', 'Argument[0]', 'ReturnValue', 'taint']
- addsTo:
pack: codeql/ruby-all
extensible: barrierModel
data:
- ['Mysql2::Client!', 'Method[escape].ReturnValue', 'sql-injection']

13
ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.expected
View File

@@ -1,28 +1,15 @@
#select
| Mysql2.rb:13:27:13:72 | "SELECT * FROM users WHERE use..." | Mysql2.rb:3:12:3:17 | call to params | Mysql2.rb:13:27:13:72 | "SELECT * FROM users WHERE use..." | This SQL query depends on a $@. | Mysql2.rb:3:12:3:17 | call to params | user-provided value |
| Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | Mysql2.rb:3:12:3:17 | call to params | Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | This SQL query depends on a $@. | Mysql2.rb:3:12:3:17 | call to params | user-provided value |
| Mysql2.rb:24:31:24:93 | "SELECT * FROM users WHERE use..." | Mysql2.rb:3:12:3:17 | call to params | Mysql2.rb:24:31:24:93 | "SELECT * FROM users WHERE use..." | This SQL query depends on a $@. | Mysql2.rb:3:12:3:17 | call to params | user-provided value |
edges
| Mysql2.rb:3:5:3:8 | name | Mysql2.rb:13:27:13:72 | "SELECT * FROM users WHERE use..." | provenance | AdditionalTaintStep |
| Mysql2.rb:3:5:3:8 | name | Mysql2.rb:16:37:16:40 | name | provenance | |
| Mysql2.rb:3:5:3:8 | name | Mysql2.rb:24:31:24:93 | "SELECT * FROM users WHERE use..." | provenance | AdditionalTaintStep |
| Mysql2.rb:3:12:3:17 | call to params | Mysql2.rb:3:12:3:29 | ...[...] | provenance | |
| Mysql2.rb:3:12:3:29 | ...[...] | Mysql2.rb:3:5:3:8 | name | provenance | |
| Mysql2.rb:16:5:16:11 | escaped | Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | provenance | AdditionalTaintStep |
| Mysql2.rb:16:15:16:41 | call to escape | Mysql2.rb:16:5:16:11 | escaped | provenance | |
| Mysql2.rb:16:37:16:40 | name | Mysql2.rb:16:15:16:41 | call to escape | provenance | MaD:1 |
models
| 1 | Summary: Mysql2::Client!; Method[escape]; Argument[0]; ReturnValue; taint |
nodes
| Mysql2.rb:3:5:3:8 | name | semmle.label | name |
| Mysql2.rb:3:12:3:17 | call to params | semmle.label | call to params |
| Mysql2.rb:3:12:3:29 | ...[...] | semmle.label | ...[...] |
| Mysql2.rb:13:27:13:72 | "SELECT * FROM users WHERE use..." | semmle.label | "SELECT * FROM users WHERE use..." |
| Mysql2.rb:16:5:16:11 | escaped | semmle.label | escaped |
| Mysql2.rb:16:15:16:41 | call to escape | semmle.label | call to escape |
| Mysql2.rb:16:37:16:40 | name | semmle.label | name |
| Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | semmle.label | "SELECT * FROM users WHERE use..." |
| Mysql2.rb:24:31:24:93 | "SELECT * FROM users WHERE use..." | semmle.label | "SELECT * FROM users WHERE use..." |
subpaths
testFailures
| Mysql2.rb:17:27:17:75 | "SELECT * FROM users WHERE use..." | Unexpected result: Alert |