Make Code execution query more specific

Only the first argument to eval, instance_eval, send, class_send and
module_send is interpreted as Ruby code.
Harry Maclean
2021-10-05 10:24:17 +01:00
parent b955fdb58d
commit e419fc9599
6 changed files with 54 additions and 23 deletions


@@ -1,4 +1,5 @@
import codeql.ruby.frameworks.StandardLibrary
import codeql.ruby.DataFlow
query predicate subshellLiteralExecutions(SubshellLiteralExecution e) { any() }
@@ -14,6 +15,18 @@ query predicate open3CallExecutions(Open3Call c) { any() }
query predicate open3PipelineCallExecutions(Open3PipelineCall c) { any() }
query predicate evalCallCodeExecutions(EvalCallCodeExecution e) { any() }
query DataFlow::Node evalCallCodeExecutions(EvalCallCodeExecution e) { result = e.getCode() }
query predicate sendCallCodeExecutions(SendCallCodeExecution e) { any() }
query DataFlow::Node sendCallCodeExecutions(SendCallCodeExecution e) { result = e.getCode() }
query DataFlow::Node instanceEvalCallCodeExecutions(InstanceEvalCallCodeExecution e) {
result = e.getCode()
}
query DataFlow::Node classEvalCallCodeExecutions(ClassEvalCallCodeExecution e) {
result = e.getCode()
}
query DataFlow::Node moduleEvalCallCodeExecutions(ModuleEvalCallCodeExecution e) {
result = e.getCode()
}
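Review bot: The rewritten predicates from `evalCallCodeExecutions` down to `moduleEvalCallCodeExecutions` bind `result = e.getCode()`, so a modelled call for which `getCode()` has no result drops out of the expected output, where the old `{ any() }` form listed every call. The class definitions are outside this section, so this is inferred, but if block-form calls such as `instance_eval { ... }` are matched by these classes, a regression that loses the code node of a string-form call would be indistinguishable from one of those. I would keep a one-column companion per class, e.g. `query predicate evalCallCodeExecutionsWithoutCode(EvalCallCodeExecution e) { not exists(e.getCode()) }`, so that a sink losing its code argument shows up as a test diff. A comment above the group would also help: `// result is the argument interpreted as Ruby code (first argument only); later arguments must not appear here`.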