add failing test for safe-ish uses of Object.send

erik-krogh
2022-10-19 11:27:08 +02:00
parent cb33d5aeff
commit d77b31672d
2 changed files with 5 additions and 0 deletions

View File

@@ -10,6 +10,7 @@ edges
| CodeInjection.rb:38:24:38:27 | code : | CodeInjection.rb:38:10:38:28 | call to escape |
| CodeInjection.rb:78:12:78:17 | call to params : | CodeInjection.rb:78:12:78:24 | ...[...] : |
| CodeInjection.rb:78:12:78:24 | ...[...] : | CodeInjection.rb:80:16:80:19 | code |
| CodeInjection.rb:78:12:78:24 | ...[...] : | CodeInjection.rb:82:16:82:43 | ... + ... |
nodes
| CodeInjection.rb:5:12:5:17 | call to params : | semmle.label | call to params : |
| CodeInjection.rb:5:12:5:24 | ...[...] : | semmle.label | ...[...] : |
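Review bot: the new edge from `CodeInjection.rb:78:12:78:24 | ...[...]` into `CodeInjection.rb:82:16:82:43 | ... + ...` commits the taint path through the concatenated `send` argument to the expected baseline, so the test will pass rather than fail as the commit title ("add failing test") suggests; if the intent is to record a known false positive until the query is fixed, say so in the commit message, because a later fix has to remove this edge (and the matching `nodes` and `#select` rows) again.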
@@ -25,6 +26,7 @@ nodes
| CodeInjection.rb:78:12:78:17 | call to params : | semmle.label | call to params : |
| CodeInjection.rb:78:12:78:24 | ...[...] : | semmle.label | ...[...] : |
| CodeInjection.rb:80:16:80:19 | code | semmle.label | code |
| CodeInjection.rb:82:16:82:43 | ... + ... | semmle.label | ... + ... |
subpaths
#select
| CodeInjection.rb:8:10:8:13 | code | CodeInjection.rb:5:12:5:17 | call to params : | CodeInjection.rb:8:10:8:13 | code | This code execution depends on a $@. | CodeInjection.rb:5:12:5:17 | call to params | user-provided value |
@@ -36,3 +38,4 @@ subpaths
| CodeInjection.rb:38:10:38:28 | call to escape | CodeInjection.rb:5:12:5:17 | call to params : | CodeInjection.rb:38:10:38:28 | call to escape | This code execution depends on a $@. | CodeInjection.rb:5:12:5:17 | call to params | user-provided value |
| CodeInjection.rb:41:40:41:43 | code | CodeInjection.rb:5:12:5:17 | call to params : | CodeInjection.rb:41:40:41:43 | code | This code execution depends on a $@. | CodeInjection.rb:5:12:5:17 | call to params | user-provided value |
| CodeInjection.rb:80:16:80:19 | code | CodeInjection.rb:78:12:78:17 | call to params : | CodeInjection.rb:80:16:80:19 | code | This code execution depends on a $@. | CodeInjection.rb:78:12:78:17 | call to params | user-provided value |
| CodeInjection.rb:82:16:82:43 | ... + ... | CodeInjection.rb:78:12:78:17 | call to params : | CodeInjection.rb:82:16:82:43 | ... + ... | This code execution depends on a $@. | CodeInjection.rb:78:12:78:17 | call to params | user-provided value |
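Review bot: the added `#select` row for `CodeInjection.rb:82:16:82:43 | ... + ...` reports a full alert ("This code execution depends on a $@") for the very line the test source labels `GOOD - but still flagged by this query`, so this hunk asserts the false positive as expected output rather than the desired behaviour; nothing in the `.expected` file marks the row as known-wrong, so a query change that distinguishes a fully user-controlled method name from one embedded in a fixed prefix/suffix should delete this row, and a reviewer should not read its presence as confirmation that the concatenated form is a true positive.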

View File

@@ -78,5 +78,7 @@ class UsersController < ActionController::Base
code = params[:code]
obj().send(code, "foo"); # BAD
obj().send("prefix_" + code + "_suffix", "foo"); # GOOD - but still flagged by this query
end
end
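Review bot: the `# GOOD` label on `obj().send("prefix_" + code + "_suffix", "foo")` overstates the safety: the fixed prefix and suffix narrow which method names a request can reach, but `params[:code]` still chooses any method whose name has that shape, which is why the commit title calls it only "safe-ish"; wording the comment as "partially controlled, lower risk" would keep a future query fix from treating a prefixed name as fully sanitised. As a style point, the trailing semicolons on both `send` lines are not idiomatic Ruby and can be dropped.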