From f8cca01e6fadba5756a66932ed920bd00893391d Mon Sep 17 00:00:00 2001
From: Arthur Baars
Date: Wed, 3 Feb 2021 15:16:14 +0100
Subject: [PATCH] Restrict assigment flow to normal assignments only

---
 ql/src/codeql_ruby/controlflow/CfgNodes.qll | 5 +++++
 ql/src/codeql_ruby/dataflow/internal/DataFlowPrivate.qll | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/ql/src/codeql_ruby/controlflow/CfgNodes.qll b/ql/src/codeql_ruby/controlflow/CfgNodes.qll
index cac0a211691..fed5005f2de 100644
--- a/ql/src/codeql_ruby/controlflow/CfgNodes.qll
+++ b/ql/src/codeql_ruby/controlflow/CfgNodes.qll
@@ -193,6 +193,11 @@ module ExprNodes {
 final ExprCfgNode getRhs() { e.hasCfgChild(e.getRhs(), this, result) }
 }
 
+ /** A control-flow node that wraps an `AssignExpr` AST expression. */
+ class AssignExprCfgNode extends AssignmentCfgNode {
+ AssignExprCfgNode() { this.getExpr() instanceof AssignExpr }
+ }
+
 private class BinaryOperationExprChildMapping extends ExprChildMapping, BinaryOperation {
 override predicate relevantChild(Expr e) { e = this.getAnOperand() }
 }
diff --git a/ql/src/codeql_ruby/dataflow/internal/DataFlowPrivate.qll b/ql/src/codeql_ruby/dataflow/internal/DataFlowPrivate.qll
index ccf1834bf89..7802e098324 100644
--- a/ql/src/codeql_ruby/dataflow/internal/DataFlowPrivate.qll
+++ b/ql/src/codeql_ruby/dataflow/internal/DataFlowPrivate.qll
@@ -123,7 +123,7 @@ private module Cached {
 predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo) {
 exists(Ssa::Definition def | LocalFlow::localSsaFlowStep(def, nodeFrom, nodeTo))
 or
- nodeFrom.asExpr() = nodeTo.asExpr().(CfgNodes::ExprNodes::AssignmentCfgNode).getRhs()
+ nodeFrom.asExpr() = nodeTo.asExpr().(CfgNodes::ExprNodes::AssignExprCfgNode).getRhs()
 }
 
 cached
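Review bot: The QLDoc on `AssignExprCfgNode` only restates the class name and does not say which assignments the class selects, which is the reason it is being introduced. Going by the commit title it presumably means plain `=` assignments as opposed to operator assignments; if that is right, say so: `/** A control-flow node for a plain assignment (AssignExpr), as opposed to an operator assignment. */`. The enclosing `ExprNodes` module starts and ends outside the hunk.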
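Review bot: Narrowing the cast in `simpleLocalFlowStep` to `AssignExprCfgNode` drops the RHS-to-assignment step for every other `AssignmentCfgNode`, and nothing in this patch shows where flow through those assignments is modelled instead. If operator assignments (for example `x += tainted`) are not picked up by a taint step elsewhere, taint-tracking queries would silently lose results, so it is worth confirming that and adding a data-flow test covering both forms. A comment on the disjunct would also record why the restriction exists, e.g. `// only a plain assignment evaluates to its right-hand side, so only it is value-preserving`. The `Cached` module continues outside the hunk.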