hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Update for Http concept changes

Browse Source
This commit is contained in:
Harry Maclean
2022-09-27 10:03:17 +13:00
parent d9487a07b1
commit dea5036912
2 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ruby/ql/lib/codeql/ruby/frameworks/ActiveStorage.qll
View File

@@ -80,7 +80,7 @@ module ActiveStorage {
/**
* Method calls on `ActiveStorage::Blob` that send HTTP requests.
*/
private class BlobRequestCall extends HTTP::Client::Request::Range {
private class BlobRequestCall extends Http::Client::Request::Range {
BlobRequestCall() {
this =
[
@@ -100,16 +100,20 @@ module ActiveStorage {
|
c
)
].asExpr().getExpr()
]
}
override string getFramework() { result = "activestorage" }
override DataFlow::Node getResponseBody() { result.asExpr().getExpr() = this }
override DataFlow::Node getResponseBody() { result = this }
override DataFlow::Node getAUrlPart() { none() }
override predicate disablesCertificateValidation(DataFlow::Node disablingNode) { none() }
override predicate disablesCertificateValidation(
DataFlow::Node disablingNode, DataFlow::Node argumentOrigin
) {
none()
}
}
/**

2
ruby/ql/test/library-tests/frameworks/active_storage/ActiveStorage.ql
View File

@@ -6,7 +6,7 @@ import codeql.ruby.frameworks.ActiveStorage
query predicate attachmentInstances(ActiveStorage::AttachmentInstance n) { any() }
query predicate httpRequests(HTTP::Client::Request r, string framework, DataFlow::Node responseBody) {
query predicate httpRequests(Http::Client::Request r, string framework, DataFlow::Node responseBody) {
r.getFramework() = framework and r.getResponseBody() = responseBody
}