OrmTracking goes through or expressions

2026-04-27 09:45:15 +02:00 · 2021-10-05 19:52:20 +01:00
parent be018cc97f
commit fb5cfcc9b0
1 changed files with 4 additions and 1 deletions
--- a/ql/lib/codeql/ruby/security/XSS.qll
+++ b/ql/lib/codeql/ruby/security/XSS.qll
@@ -240,7 +240,7 @@ module ReflectedXSS {
  class RemoteFlowSourceAsSource extends Source, RemoteFlowSource { }
 }

-module OrmTracking {
+private module OrmTracking {
  /**
   * A data flow configuration to track flow from finder calls to field accesses.
   */
@@ -257,6 +257,9 @@ module OrmTracking {
      or
      // Propagate flow through arbitrary method calls
      node2.(DataFlow2::CallNode).getReceiver() = node1
+      or
+      // Propagate flow through "or" expressions `or`/`||`
+      node2.asExpr().getExpr().(LogicalOrExpr).getAnOperand() = node1.asExpr().getExpr()
    }
  }
 }