From d8f79818d6ffd1f572bf1a88bad78124785acd3d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?= <pwntester@github.com>
Date: Fri, 25 Oct 2024 10:25:47 +0200
Subject: [PATCH] Improve extraction of Output/Env assignments

---
 ql/lib/codeql/actions/Bash.qll | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/ql/lib/codeql/actions/Bash.qll b/ql/lib/codeql/actions/Bash.qll
index c1e038069eb..fda27732828 100644
--- a/ql/lib/codeql/actions/Bash.qll
+++ b/ql/lib/codeql/actions/Bash.qll
@@ -256,20 +256,20 @@ class BashShellScript extends ShellScript {
 
   override predicate getAWriteToGitHubEnv(string name, string data) {
     exists(string raw |
-      Bash::extractFileWrite(this.getRawScript(), "GITHUB_ENV", raw) and
+      Bash::extractFileWrite(this, "GITHUB_ENV", raw) and
       Bash::extractVariableAndValue(raw, name, data)
     )
   }
 
   override predicate getAWriteToGitHubOutput(string name, string data) {
     exists(string raw |
-      Bash::extractFileWrite(this.getRawScript(), "GITHUB_OUTPUT", raw) and
+      Bash::extractFileWrite(this, "GITHUB_OUTPUT", raw) and
       Bash::extractVariableAndValue(raw, name, data)
     )
   }
 
   override predicate getAWriteToGitHubPath(string data) {
-    Bash::extractFileWrite(this.getRawScript(), "GITHUB_PATH", data)
+    Bash::extractFileWrite(this, "GITHUB_PATH", data)
   }
 
   override predicate getAnEnvReachingGitHubOutputWrite(string var, string output_field) {
@@ -542,12 +542,12 @@ module Bash {
     blockFileWrite(script, cmd, file, content, filters)
   }
 
-  bindingset[script, file_var]
-  predicate extractFileWrite(string script, string file_var, string content) {
+  bindingset[file_var]
+  predicate extractFileWrite(BashShellScript script, string file_var, string content) {
     // single line assignment
     exists(string file_expr, string raw_content |
       isParameterExpansion(file_expr, file_var, _, _) and
-      singleLineFileWrite(script.splitAt("\n"), _, file_expr, raw_content, _) and
+      singleLineFileWrite(script.getAStmt(), _, file_expr, raw_content, _) and
       content = trimQuotes(raw_content)
     )
     or
@@ -566,12 +566,12 @@ module Bash {
         cmd = "add-path" and
         content = value
       ) and
-      singleLineWorkflowCmd(script.splitAt("\n"), cmd, key, value)
+      singleLineWorkflowCmd(script.getAStmt(), cmd, key, value)
     )
     or
     // multiline assignment
     exists(string file_expr, string raw_content |
-      multiLineFileWrite(script, _, file_expr, raw_content, _) and
+      multiLineFileWrite(script.getRawScript(), _, file_expr, raw_content, _) and
       isParameterExpansion(file_expr, file_var, _, _) and
       content = trimQuotes(raw_content)
     )