diff --git a/ruby/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll b/ruby/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll
index bea9504be02..bd84f530f9c 100644
--- a/ruby/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll
+++ b/ruby/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll
@@ -4,11 +4,35 @@ private import codeql.util.test.InlineExpectationsTest
 module Impl implements InlineExpectationsTestSig {
 private import codeql.ruby.ast.internal.TreeSitter
+ private newtype TAnyComment =
+ RubyComment(Ruby::Comment comment) or
+ ErbComment(R::ErbComment comment)
+
 /**
- * A class representing line comments in Ruby.
+ * A class representing comments that may contain inline expectations (Ruby line comments and ERB comments).
 */
- class ExpectationComment extends Ruby::Comment {
- string getContents() { result = this.getValue().suffix(1) }
+ class ExpectationComment extends TAnyComment {
+ Ruby::Comment asRubyComment() { this = RubyComment(result) }
+
+ R::ErbComment asErbComment() { this = ErbComment(result) }
+
+ string toString() {
+ result = this.asRubyComment().toString()
+ or
+ result = this.asErbComment().toString()
+ }
+
+ Location getLocation() {
+ result = this.asRubyComment().getLocation()
+ or
+ result = this.asErbComment().getLocation()
+ }
+
+ string getContents() {
+ result = this.asRubyComment().getValue().suffix(1)
+ or
+ result = this.asErbComment().getValue().suffix(1)
+ }
 }
 class Location = R::Location;
diff --git a/ruby/ql/test/library-tests/frameworks/sinatra/Flow.expected b/ruby/ql/test/library-tests/frameworks/sinatra/Flow.expected
index a33a21d0313..d37b2f6d8a8 100644
--- a/ruby/ql/test/library-tests/frameworks/sinatra/Flow.expected
+++ b/ruby/ql/test/library-tests/frameworks/sinatra/Flow.expected
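Review bot: In `ExpectationComment.getContents()` the new ERB disjunct reuses `.suffix(1)` from the Ruby disjunct, where it strips the leading `#`, but nothing in the hunk says which character it strips from an `R::ErbComment` value. If `getValue()` there already excludes the `<%#` marker (not visible here, so worth confirming), the dropped character is the space before `$`, and an annotation written as `<%#$ hasTaintFlow %>` would lose its `$` and never be parsed as an expectation. A fixture whose query then finds nothing would pass silently, hiding a missed detection. I would state the assumption on that disjunct, e.g. `// suffix(1) drops the first character of the ERB comment text; assumes it is the space in "<%# $ tag %>"`, and add QLDoc to `asRubyComment()` and `asErbComment()`.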
@@ -23,7 +23,6 @@ nodes | views/index.erb:2:10:2:12 | call to foo | semmle.label | call to foo | subpaths testFailures -| views/index.erb:2:10:2:12 | call to foo | Unexpected result: hasTaintFlow | #select | app.rb:95:10:95:14 | @user | app.rb:103:13:103:22 | call to source | app.rb:95:10:95:14 | @user | $@ | app.rb:103:13:103:22 | call to source | call to source | | views/index.erb:2:10:2:12 | call to foo | app.rb:75:12:75:17 | call to params | views/index.erb:2:10:2:12 | call to foo | $@ | app.rb:75:12:75:17 | call to params | call to params | diff --git a/ruby/ql/test/library-tests/frameworks/sinatra/views/index.erb b/ruby/ql/test/library-tests/frameworks/sinatra/views/index.erb index aed721833c0..4f990b964d8 100644 --- a/ruby/ql/test/library-tests/frameworks/sinatra/views/index.erb +++ b/ruby/ql/test/library-tests/frameworks/sinatra/views/index.erb @@ -1,2 +1,2 @@ <%= @foo %> -<%= sink foo %> \ No newline at end of file +<%= sink foo %> <%# $ hasTaintFlow %> diff --git a/ruby/ql/test/query-tests/experimental/improper-memoization/ImproperMemoization.expected b/ruby/ql/test/query-tests/experimental/improper-memoization/ImproperMemoization.expected index 36c07e3e105..b24a2e578a0 100644 --- a/ruby/ql/test/query-tests/experimental/improper-memoization/ImproperMemoization.expected +++ b/ruby/ql/test/query-tests/experimental/improper-memoization/ImproperMemoization.expected @@ -1,5 +1,4 @@ testFailures -| improper_memoization.rb:100:1:104:3 | m14 | Unexpected result: result=BAD | #select | improper_memoization.rb:50:1:55:3 | m7 | improper_memoization.rb:50:8:50:10 | arg | improper_memoization.rb:51:3:53:5 | ... \|\|= ... | | improper_memoization.rb:58:1:63:3 | m8 | improper_memoization.rb:58:8:58:10 | arg | improper_memoization.rb:59:3:61:5 | ... \|\|= ... | 
diff --git a/ruby/ql/test/query-tests/experimental/improper-memoization/improper_memoization.rb b/ruby/ql/test/query-tests/experimental/improper-memoization/improper_memoization.rb
index 0b12fe2ad59..41765021e64 100644
--- a/ruby/ql/test/query-tests/experimental/improper-memoization/improper_memoization.rb
+++ b/ruby/ql/test/query-tests/experimental/improper-memoization/improper_memoization.rb
@@ -101,4 +101,4 @@ def m14(arg)
 @m14 ||= {}
 key = "foo/#{arg}"
 @m14[key] ||= long_running_method(arg)
-end
+end # $ SPURIOUS: result=BAD