hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10354 from hvitved/ruby/convert-flow-test

Browse Source 
Ruby: Convert data-flow test to use inline test expectations
This commit is contained in:
Tom Hvitved
2022-09-08 15:20:58 +02:00
committed by GitHub
parent 8b8e74cc9a 46127f9f59
commit e3948e6683
3 changed files with 111 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

130
ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.expected
View File

@@ -1,46 +1,92 @@
failures
edges
| call_sensitivity.rb:7:13:7:13 | x : | call_sensitivity.rb:8:11:8:11 | x : |
| call_sensitivity.rb:8:11:8:11 | x : | call_sensitivity.rb:15:20:15:20 | x : |
| call_sensitivity.rb:15:9:15:15 | "taint" : | call_sensitivity.rb:7:13:7:13 | x : |
| call_sensitivity.rb:15:20:15:20 | x : | call_sensitivity.rb:15:28:15:28 | x |
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:27:17:27:17 | x : |
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:36:23:36:23 | x : |
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
| call_sensitivity.rb:27:17:27:17 | x : | call_sensitivity.rb:27:27:27:27 | x |
| call_sensitivity.rb:28:25:28:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
| call_sensitivity.rb:36:23:36:23 | x : | call_sensitivity.rb:36:31:36:31 | x |
| call_sensitivity.rb:37:25:37:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
| call_sensitivity.rb:39:24:39:24 | x : | call_sensitivity.rb:39:32:39:32 | x |
| call_sensitivity.rb:40:26:40:32 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
| call_sensitivity.rb:9:7:9:13 | call to taint : | call_sensitivity.rb:9:6:9:14 | ( ... ) |
| call_sensitivity.rb:9:7:9:13 | call to taint : | call_sensitivity.rb:9:6:9:14 | ( ... ) |
| call_sensitivity.rb:11:13:11:13 | x : | call_sensitivity.rb:12:11:12:11 | x : |
| call_sensitivity.rb:11:13:11:13 | x : | call_sensitivity.rb:12:11:12:11 | x : |
| call_sensitivity.rb:12:11:12:11 | x : | call_sensitivity.rb:19:22:19:22 | x : |
| call_sensitivity.rb:12:11:12:11 | x : | call_sensitivity.rb:19:22:19:22 | x : |
| call_sensitivity.rb:19:9:19:17 | ( ... ) : | call_sensitivity.rb:11:13:11:13 | x : |
| call_sensitivity.rb:19:9:19:17 | ( ... ) : | call_sensitivity.rb:11:13:11:13 | x : |
| call_sensitivity.rb:19:10:19:16 | call to taint : | call_sensitivity.rb:19:9:19:17 | ( ... ) : |
| call_sensitivity.rb:19:10:19:16 | call to taint : | call_sensitivity.rb:19:9:19:17 | ( ... ) : |
| call_sensitivity.rb:19:22:19:22 | x : | call_sensitivity.rb:19:30:19:30 | x |
| call_sensitivity.rb:19:22:19:22 | x : | call_sensitivity.rb:19:30:19:30 | x |
| call_sensitivity.rb:21:27:21:27 | x : | call_sensitivity.rb:22:17:22:17 | x : |
| call_sensitivity.rb:21:27:21:27 | x : | call_sensitivity.rb:22:17:22:17 | x : |
| call_sensitivity.rb:21:27:21:27 | x : | call_sensitivity.rb:22:17:22:17 | x : |
| call_sensitivity.rb:21:27:21:27 | x : | call_sensitivity.rb:22:17:22:17 | x : |
| call_sensitivity.rb:21:27:21:27 | x : | call_sensitivity.rb:22:17:22:17 | x : |
| call_sensitivity.rb:21:27:21:27 | x : | call_sensitivity.rb:22:17:22:17 | x : |
| call_sensitivity.rb:22:17:22:17 | x : | call_sensitivity.rb:31:17:31:17 | x : |
| call_sensitivity.rb:22:17:22:17 | x : | call_sensitivity.rb:31:17:31:17 | x : |
| call_sensitivity.rb:22:17:22:17 | x : | call_sensitivity.rb:40:23:40:23 | x : |
| call_sensitivity.rb:22:17:22:17 | x : | call_sensitivity.rb:40:23:40:23 | x : |
| call_sensitivity.rb:22:17:22:17 | x : | call_sensitivity.rb:43:24:43:24 | x : |
| call_sensitivity.rb:22:17:22:17 | x : | call_sensitivity.rb:43:24:43:24 | x : |
| call_sensitivity.rb:31:17:31:17 | x : | call_sensitivity.rb:31:27:31:27 | x |
| call_sensitivity.rb:31:17:31:17 | x : | call_sensitivity.rb:31:27:31:27 | x |
| call_sensitivity.rb:32:25:32:32 | call to taint : | call_sensitivity.rb:21:27:21:27 | x : |
| call_sensitivity.rb:32:25:32:32 | call to taint : | call_sensitivity.rb:21:27:21:27 | x : |
| call_sensitivity.rb:40:23:40:23 | x : | call_sensitivity.rb:40:31:40:31 | x |
| call_sensitivity.rb:40:23:40:23 | x : | call_sensitivity.rb:40:31:40:31 | x |
| call_sensitivity.rb:41:25:41:32 | call to taint : | call_sensitivity.rb:21:27:21:27 | x : |
| call_sensitivity.rb:41:25:41:32 | call to taint : | call_sensitivity.rb:21:27:21:27 | x : |
| call_sensitivity.rb:43:24:43:24 | x : | call_sensitivity.rb:43:32:43:32 | x |
| call_sensitivity.rb:43:24:43:24 | x : | call_sensitivity.rb:43:32:43:32 | x |
| call_sensitivity.rb:44:26:44:33 | call to taint : | call_sensitivity.rb:21:27:21:27 | x : |
| call_sensitivity.rb:44:26:44:33 | call to taint : | call_sensitivity.rb:21:27:21:27 | x : |
nodes
| call_sensitivity.rb:5:6:5:12 | "taint" | semmle.label | "taint" |
| call_sensitivity.rb:7:13:7:13 | x : | semmle.label | x : |
| call_sensitivity.rb:8:11:8:11 | x : | semmle.label | x : |
| call_sensitivity.rb:15:9:15:15 | "taint" : | semmle.label | "taint" : |
| call_sensitivity.rb:15:20:15:20 | x : | semmle.label | x : |
| call_sensitivity.rb:15:28:15:28 | x | semmle.label | x |
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
| call_sensitivity.rb:27:17:27:17 | x : | semmle.label | x : |
| call_sensitivity.rb:27:27:27:27 | x | semmle.label | x |
| call_sensitivity.rb:28:25:28:31 | "taint" : | semmle.label | "taint" : |
| call_sensitivity.rb:36:23:36:23 | x : | semmle.label | x : |
| call_sensitivity.rb:36:31:36:31 | x | semmle.label | x |
| call_sensitivity.rb:37:25:37:31 | "taint" : | semmle.label | "taint" : |
| call_sensitivity.rb:39:24:39:24 | x : | semmle.label | x : |
| call_sensitivity.rb:39:32:39:32 | x | semmle.label | x |
| call_sensitivity.rb:40:26:40:32 | "taint" : | semmle.label | "taint" : |
| call_sensitivity.rb:9:6:9:14 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:9:6:9:14 | ( ... ) | semmle.label | ( ... ) |
| call_sensitivity.rb:9:7:9:13 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:9:7:9:13 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:11:13:11:13 | x : | semmle.label | x : |
| call_sensitivity.rb:11:13:11:13 | x : | semmle.label | x : |
| call_sensitivity.rb:12:11:12:11 | x : | semmle.label | x : |
| call_sensitivity.rb:12:11:12:11 | x : | semmle.label | x : |
| call_sensitivity.rb:19:9:19:17 | ( ... ) : | semmle.label | ( ... ) : |
| call_sensitivity.rb:19:9:19:17 | ( ... ) : | semmle.label | ( ... ) : |
| call_sensitivity.rb:19:10:19:16 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:19:10:19:16 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:19:22:19:22 | x : | semmle.label | x : |
| call_sensitivity.rb:19:22:19:22 | x : | semmle.label | x : |
| call_sensitivity.rb:19:30:19:30 | x | semmle.label | x |
| call_sensitivity.rb:19:30:19:30 | x | semmle.label | x |
| call_sensitivity.rb:21:27:21:27 | x : | semmle.label | x : |
| call_sensitivity.rb:21:27:21:27 | x : | semmle.label | x : |
| call_sensitivity.rb:21:27:21:27 | x : | semmle.label | x : |
| call_sensitivity.rb:21:27:21:27 | x : | semmle.label | x : |
| call_sensitivity.rb:21:27:21:27 | x : | semmle.label | x : |
| call_sensitivity.rb:21:27:21:27 | x : | semmle.label | x : |
| call_sensitivity.rb:22:17:22:17 | x : | semmle.label | x : |
| call_sensitivity.rb:22:17:22:17 | x : | semmle.label | x : |
| call_sensitivity.rb:22:17:22:17 | x : | semmle.label | x : |
| call_sensitivity.rb:22:17:22:17 | x : | semmle.label | x : |
| call_sensitivity.rb:22:17:22:17 | x : | semmle.label | x : |
| call_sensitivity.rb:22:17:22:17 | x : | semmle.label | x : |
| call_sensitivity.rb:31:17:31:17 | x : | semmle.label | x : |
| call_sensitivity.rb:31:17:31:17 | x : | semmle.label | x : |
| call_sensitivity.rb:31:27:31:27 | x | semmle.label | x |
| call_sensitivity.rb:31:27:31:27 | x | semmle.label | x |
| call_sensitivity.rb:32:25:32:32 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:32:25:32:32 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:40:23:40:23 | x : | semmle.label | x : |
| call_sensitivity.rb:40:23:40:23 | x : | semmle.label | x : |
| call_sensitivity.rb:40:31:40:31 | x | semmle.label | x |
| call_sensitivity.rb:40:31:40:31 | x | semmle.label | x |
| call_sensitivity.rb:41:25:41:32 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:41:25:41:32 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:43:24:43:24 | x : | semmle.label | x : |
| call_sensitivity.rb:43:24:43:24 | x : | semmle.label | x : |
| call_sensitivity.rb:43:32:43:32 | x | semmle.label | x |
| call_sensitivity.rb:43:32:43:32 | x | semmle.label | x |
| call_sensitivity.rb:44:26:44:33 | call to taint : | semmle.label | call to taint : |
| call_sensitivity.rb:44:26:44:33 | call to taint : | semmle.label | call to taint : |
subpaths
#select
| call_sensitivity.rb:5:6:5:12 | "taint" | call_sensitivity.rb:5:6:5:12 | "taint" | call_sensitivity.rb:5:6:5:12 | "taint" | $@ | call_sensitivity.rb:5:6:5:12 | "taint" | "taint" |
| call_sensitivity.rb:15:28:15:28 | x | call_sensitivity.rb:15:9:15:15 | "taint" : | call_sensitivity.rb:15:28:15:28 | x | $@ | call_sensitivity.rb:15:9:15:15 | "taint" : | "taint" : |
| call_sensitivity.rb:27:27:27:27 | x | call_sensitivity.rb:28:25:28:31 | "taint" : | call_sensitivity.rb:27:27:27:27 | x | $@ | call_sensitivity.rb:28:25:28:31 | "taint" : | "taint" : |
| call_sensitivity.rb:36:31:36:31 | x | call_sensitivity.rb:37:25:37:31 | "taint" : | call_sensitivity.rb:36:31:36:31 | x | $@ | call_sensitivity.rb:37:25:37:31 | "taint" : | "taint" : |
| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:40:26:40:32 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:40:26:40:32 | "taint" : | "taint" : |
| call_sensitivity.rb:9:6:9:14 | ( ... ) | call_sensitivity.rb:9:7:9:13 | call to taint : | call_sensitivity.rb:9:6:9:14 | ( ... ) | $@ | call_sensitivity.rb:9:7:9:13 | call to taint : | call to taint : |
| call_sensitivity.rb:19:30:19:30 | x | call_sensitivity.rb:19:10:19:16 | call to taint : | call_sensitivity.rb:19:30:19:30 | x | $@ | call_sensitivity.rb:19:10:19:16 | call to taint : | call to taint : |
| call_sensitivity.rb:31:27:31:27 | x | call_sensitivity.rb:32:25:32:32 | call to taint : | call_sensitivity.rb:31:27:31:27 | x | $@ | call_sensitivity.rb:32:25:32:32 | call to taint : | call to taint : |
| call_sensitivity.rb:40:31:40:31 | x | call_sensitivity.rb:41:25:41:32 | call to taint : | call_sensitivity.rb:40:31:40:31 | x | $@ | call_sensitivity.rb:41:25:41:32 | call to taint : | call to taint : |
| call_sensitivity.rb:43:32:43:32 | x | call_sensitivity.rb:44:26:44:33 | call to taint : | call_sensitivity.rb:43:32:43:32 | x | $@ | call_sensitivity.rb:44:26:44:33 | call to taint : | call to taint : |

18
ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.ql
View File

@@ -4,23 +4,9 @@
import ruby
import codeql.ruby.DataFlow
import TestUtilities.InlineFlowTest
import DataFlow::PathGraph
class Conf extends DataFlow::Configuration {
Conf() { this = "Conf" }
override predicate isSource(DataFlow::Node src) {
src.asExpr().getExpr().(StringLiteral).getConstantValue().isString("taint")
}
override predicate isSink(DataFlow::Node sink) {
exists(MethodCall mc |
mc.getMethodName() = "sink" and
mc.getAnArgument() = sink.asExpr().getExpr()
)
}
}
from DataFlow::PathNode source, DataFlow::PathNode sink, Conf conf
from DataFlow::PathNode source, DataFlow::PathNode sink, DefaultTaintFlowConf conf
where conf.hasFlowPath(source, sink)
select sink, source, sink, "$@", source, source.toString()

38
ruby/ql/test/library-tests/dataflow/call-sensitivity/call_sensitivity.rb
View File

@@ -1,43 +1,47 @@
def sink s
puts s
def taint x
x
end
sink "taint"
def sink x
puts "SINK: #{x}"
end
sink (taint 1) # $ hasValueFlow=1
def yielder x
yield x
end
yielder "no taint" { |x| sink x } # no flow
yielder ("no taint") { |x| sink x }
yielder "taint" { |x| puts x } # no flow
yielder (taint 2) { |x| puts x }
yielder "taint" { |x| sink x } # flow
yielder (taint 3) { |x| sink x } # $ hasValueFlow=3
def apply_lambda (lambda, x)
lambda.call(x)
end
my_lambda = -> (x) { sink x }
apply_lambda(my_lambda, "no taint") # no flow
apply_lambda(my_lambda, "no taint")
my_lambda = -> (x) { puts x }
apply_lambda(my_lambda, "taint") # no flow
apply_lambda(my_lambda, taint(4))
my_lambda = -> (x) { sink x }
apply_lambda(my_lambda, "taint") # flow
my_lambda = -> (x) { sink x } # $ hasValueFlow=5
apply_lambda(my_lambda, taint(5))
my_lambda = lambda { |x| sink x }
apply_lambda(my_lambda, "no taint") # no flow
apply_lambda(my_lambda, "no taint")
my_lambda = lambda { |x| puts x }
apply_lambda(my_lambda, "taint") # no flow
apply_lambda(my_lambda, taint(6))
my_lambda = lambda { |x| sink x }
apply_lambda(my_lambda, "taint") # flow
my_lambda = lambda { |x| sink x } # $ hasValueFlow=7
apply_lambda(my_lambda, taint(7))
MY_LAMBDA1 = lambda { |x| sink x }
apply_lambda(MY_LAMBDA1, "taint") # flow
MY_LAMBDA1 = lambda { |x| sink x } # $ hasValueFlow=8
apply_lambda(MY_LAMBDA1, taint(8))
MY_LAMBDA2 = lambda { |x| puts x }
apply_lambda(MY_LAMBDA2, "taint") # no flow
apply_lambda(MY_LAMBDA2, taint(9))