hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Add test for AR PersistentWriteAccesses

Browse Source
This commit is contained in:
Harry Maclean
2022-07-19 12:40:23 +12:00
parent 7ed81db32d
commit d4f7f2b75e
2 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.ql
View File

@@ -1,5 +1,7 @@
import codeql.ruby.controlflow.CfgNodes
import codeql.ruby.frameworks.ActiveRecord
import codeql.ruby.Concepts
import codeql.ruby.DataFlow
query predicate activeRecordModelClasses(ActiveRecordModelClass cls) { any() }
@@ -18,3 +20,7 @@ query predicate activeRecordModelInstantiations(
) {
i.getClass() = cls
}
query predicate persistentWriteAccesses(PersistentWriteAccess w, DataFlow::Node value) {
w.getValue() = value
}

16
ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.rb
View File

@@ -67,6 +67,22 @@ class BazController < BarController
def yet_another_handler
Admin.delete_by(params[:admin_condition])
end
def create1
Admin.create(params)
end
def create2
Admin.create(name: params[:name])
end
def update1
Admin.update(params)
end
def update2
Admin.update(name: params[:name])
end
end
class AnnotatedController < ActionController::Base