hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Remove ActiveStorage entry points

Browse Source
This commit is contained in:
Harry Maclean
2022-09-02 14:32:18 +12:00
parent 54b05e48a9
commit d5ef853343
2 changed files with 61 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ruby/ql/test/library-tests/frameworks/active_storage/ActiveStorage.ql
View File

@@ -2,14 +2,9 @@ import ruby
import codeql.ruby.ApiGraphs
import codeql.ruby.DataFlow
import codeql.ruby.Concepts
import codeql.ruby.frameworks.ActiveStorage
query predicate attachmentInstances(DataFlow::Node n) {
n =
API::getTopLevelMember("ActiveStorage")
.getMember("Attachment")
.getInstance()
.getAValueReachableFromSource()
}
query predicate attachmentInstances(ActiveStorage::AttachmentInstance n) { any() }
query predicate httpRequests(HTTP::Client::Request r, string framework, DataFlow::Node responseBody) {
r.getFramework() = framework and r.getResponseBody() = responseBody