Merge branch 'main' into experimental-manually-check-request-verb

ruby/ql/test/library-tests/ast/Ast.expected

@@ -1556,6 +1556,35 @@ constants/constants.rb:
 #   73|       getAnOperand/getLeftOperand: [ClassVariableAccess] @@fourty_six
 #   73|       getAnOperand/getRightOperand: [ConstantReadAccess] FOURTY_SIX
 #   73|         getScopeExpr: [ConstantReadAccess] Mod3
+#   78|   getStmt: [AssignExpr] ... = ...
+#   78|     getAnOperand/getLeftOperand: [LocalVariableAccess] a
+#   78|     getAnOperand/getRightOperand: [ArrayLiteral] [...]
+#   78|       getElement: [IntegerLiteral] 1
+#   78|       getElement: [IntegerLiteral] 2
+#   78|       getElement: [IntegerLiteral] 3
+#   79|   getStmt: [AssignExpr] ... = ...
+#   79|     getAnOperand/getLeftOperand: [ConstantAssignment] A
+#   79|     getAnOperand/getRightOperand: [ArrayLiteral] [...]
+#   79|       getElement: [IntegerLiteral] 1
+#   79|       getElement: [IntegerLiteral] 2
+#   79|       getElement: [IntegerLiteral] 3
+#   80|   getStmt: [AssignExpr] ... = ...
+#   80|     getAnOperand/getLeftOperand: [ConstantAssignment] B
+#   80|     getAnOperand/getRightOperand: [LocalVariableAccess] a
+#   81|   getStmt: [AssignExpr] ... = ...
+#   81|     getAnOperand/getLeftOperand: [ConstantAssignment] C
+#   81|     getAnOperand/getRightOperand: [ConstantReadAccess] A
+#   82|   getStmt: [AssignExpr] ... = ...
+#   82|     getAnOperand/getLeftOperand: [LocalVariableAccess] b
+#   82|     getAnOperand/getRightOperand: [ConstantReadAccess] B
+#   84|   getStmt: [IfExpr] if ...
+#   84|     getCondition: [MethodCall] call to condition
+#   84|       getReceiver: [SelfVariableAccess] self
+#   84|     getBranch/getThen: [StmtSequence] then ...
+#   85|       getStmt: [AssignExpr] ... = ...
+#   85|         getAnOperand/getLeftOperand: [LocalVariableAccess] c
+#   85|         getAnOperand/getRightOperand: [LocalVariableAccess] b
+#   87|   getStmt: [LocalVariableAccess] c
 escape_sequences/escapes.rb:
 #    1| [Toplevel] escapes.rb
 #    6|   getStmt: [StringLiteral] "\'"

ruby/ql/test/library-tests/ast/AstDesugar.expected

@@ -336,6 +336,18 @@ constants/constants.rb:
 #   20|       getComponent: [StringTextComponent] Chuck
 #   20|     getArgument: [StringLiteral] "Dave"
 #   20|       getComponent: [StringTextComponent] Dave
+#   78| [ArrayLiteral] [...]
+#   78|   getDesugared: [MethodCall] call to []
+#   78|     getReceiver: [ConstantReadAccess] Array
+#   78|     getArgument: [IntegerLiteral] 1
+#   78|     getArgument: [IntegerLiteral] 2
+#   78|     getArgument: [IntegerLiteral] 3
+#   79| [ArrayLiteral] [...]
+#   79|   getDesugared: [MethodCall] call to []
+#   79|     getReceiver: [ConstantReadAccess] Array
+#   79|     getArgument: [IntegerLiteral] 1
+#   79|     getArgument: [IntegerLiteral] 2
+#   79|     getArgument: [IntegerLiteral] 3
 escape_sequences/escapes.rb:
 #   58| [ArrayLiteral] %w(...)
 #   58|   getDesugared: [MethodCall] call to []

ruby/ql/test/library-tests/ast/TreeSitter.expected

@@ -1656,10 +1656,56 @@ constants/constants.rb:
 #   73|         1: [ReservedWord] ::
 #   73|         2: [Constant] FOURTY_SIX
 #   74|     5: [ReservedWord] end
+#   78|   13: [Assignment] Assignment
+#   78|     0: [Identifier] a
+#   78|     1: [ReservedWord] =
+#   78|     2: [Array] Array
+#   78|       0: [ReservedWord] [
+#   78|       1: [Integer] 1
+#   78|       2: [ReservedWord] ,
+#   78|       3: [Integer] 2
+#   78|       4: [ReservedWord] ,
+#   78|       5: [Integer] 3
+#   78|       6: [ReservedWord] ]
+#   79|   14: [Assignment] Assignment
+#   79|     0: [Constant] A
+#   79|     1: [ReservedWord] =
+#   79|     2: [Array] Array
+#   79|       0: [ReservedWord] [
+#   79|       1: [Integer] 1
+#   79|       2: [ReservedWord] ,
+#   79|       3: [Integer] 2
+#   79|       4: [ReservedWord] ,
+#   79|       5: [Integer] 3
+#   79|       6: [ReservedWord] ]
+#   80|   15: [Assignment] Assignment
+#   80|     0: [Constant] B
+#   80|     1: [ReservedWord] =
+#   80|     2: [Identifier] a
+#   81|   16: [Assignment] Assignment
+#   81|     0: [Constant] C
+#   81|     1: [ReservedWord] =
+#   81|     2: [Constant] A
+#   82|   17: [Assignment] Assignment
+#   82|     0: [Identifier] b
+#   82|     1: [ReservedWord] =
+#   82|     2: [Constant] B
+#   84|   18: [If] If
+#   84|     0: [ReservedWord] if
+#   84|     1: [Identifier] condition
+#   84|     2: [Then] Then
+#   85|       0: [Assignment] Assignment
+#   85|         0: [Identifier] c
+#   85|         1: [ReservedWord] =
+#   85|         2: [Identifier] b
+#   86|     3: [ReservedWord] end
+#   87|   19: [Identifier] c
 #   26| [Comment] # A call to Kernel::Array; despite beginning with an upper-case character,
 #   27| [Comment] # we don't consider this to be a constant access.
 #   55| [Comment] # refers to ::ModuleA::FOURTY_FOUR
 #   57| [Comment] # refers to ::ModuleA::ModuleB::ClassB::FOURTY_FOUR
+#   76| [Comment] # Array constants
+#   87| [Comment] # not recognised
 control/cases.rb:
 #    1| [Program] Program
 #    2|   0: [Assignment] Assignment

ruby/ql/test/library-tests/ast/ValueText.expected

@@ -109,6 +109,12 @@ exprValue
 | constants/constants.rb:63:19:63:20 | 45 | 45 | int |
 | constants/constants.rb:65:19:65:35 | FOURTY_FIVE | 45 | int |
 | constants/constants.rb:71:18:71:19 | 46 | 46 | int |
+| constants/constants.rb:78:6:78:6 | 1 | 1 | int |
+| constants/constants.rb:78:9:78:9 | 2 | 2 | int |
+| constants/constants.rb:78:12:78:12 | 3 | 3 | int |
+| constants/constants.rb:79:6:79:6 | 1 | 1 | int |
+| constants/constants.rb:79:9:79:9 | 2 | 2 | int |
+| constants/constants.rb:79:12:79:12 | 3 | 3 | int |
 | control/cases.rb:2:5:2:5 | 0 | 0 | int |
 | control/cases.rb:3:5:3:5 | 0 | 0 | int |
 | control/cases.rb:4:5:4:5 | 0 | 0 | int |
@@ -1004,6 +1010,12 @@ exprCfgNodeValue
 | constants/constants.rb:63:19:63:20 | 45 | 45 | int |
 | constants/constants.rb:65:19:65:35 | FOURTY_FIVE | 45 | int |
 | constants/constants.rb:71:18:71:19 | 46 | 46 | int |
+| constants/constants.rb:78:6:78:6 | 1 | 1 | int |
+| constants/constants.rb:78:9:78:9 | 2 | 2 | int |
+| constants/constants.rb:78:12:78:12 | 3 | 3 | int |
+| constants/constants.rb:79:6:79:6 | 1 | 1 | int |
+| constants/constants.rb:79:9:79:9 | 2 | 2 | int |
+| constants/constants.rb:79:12:79:12 | 3 | 3 | int |
 | control/cases.rb:2:5:2:5 | 0 | 0 | int |
 | control/cases.rb:3:5:3:5 | 0 | 0 | int |
 | control/cases.rb:4:5:4:5 | 0 | 0 | int |

ruby/ql/test/library-tests/ast/constants/constants.expected

@@ -61,6 +61,13 @@ constantAccess
 | constants.rb:71:5:71:14 | FOURTY_SIX | write | FOURTY_SIX | ConstantAssignment |
 | constants.rb:73:18:73:21 | Mod3 | read | Mod3 | ConstantReadAccess |
 | constants.rb:73:18:73:33 | FOURTY_SIX | read | FOURTY_SIX | ConstantReadAccess |
+| constants.rb:78:5:78:13 | Array | read | Array | ConstantReadAccess |
+| constants.rb:79:1:79:1 | A | write | A | ConstantAssignment |
+| constants.rb:79:5:79:13 | Array | read | Array | ConstantReadAccess |
+| constants.rb:80:1:80:1 | B | write | B | ConstantAssignment |
+| constants.rb:81:1:81:1 | C | write | C | ConstantAssignment |
+| constants.rb:81:5:81:5 | A | read | A | ConstantReadAccess |
+| constants.rb:82:5:82:5 | B | read | B | ConstantReadAccess |
 getConst
 | constants.rb:1:1:15:3 | ModuleA | CONST_B | constants.rb:6:15:6:23 | "const_b" |
 | constants.rb:1:1:15:3 | ModuleA | FOURTY_FOUR | constants.rb:53:17:53:29 | "fourty-four" |
@@ -71,23 +78,41 @@ getConst
 | constants.rb:54:3:58:5 | ModuleA::ModuleB::ClassB | FOURTY_ONE | constants.rb:48:18:48:19 | 41 |
 | constants.rb:62:3:64:5 | Mod1::Mod3 | FOURTY_FIVE | constants.rb:63:19:63:20 | 45 |
 | constants.rb:70:3:72:5 | Mod1::Mod3::Mod5 | FOURTY_SIX | constants.rb:71:18:71:19 | 46 |
+| file://:0:0:0:0 | Object | A | constants.rb:79:5:79:13 | [...] |
+| file://:0:0:0:0 | Object | B | constants.rb:80:5:80:5 | a |
+| file://:0:0:0:0 | Object | C | constants.rb:81:5:81:5 | A |
 | file://:0:0:0:0 | Object | GREETING | constants.rb:17:12:17:64 | ... + ... |
 lookupConst
 | constants.rb:1:1:15:3 | ModuleA | CONST_B | constants.rb:6:15:6:23 | "const_b" |
 | constants.rb:1:1:15:3 | ModuleA | FOURTY_FOUR | constants.rb:53:17:53:29 | "fourty-four" |
+| constants.rb:2:5:4:7 | ModuleA::ClassA | A | constants.rb:79:5:79:13 | [...] |
+| constants.rb:2:5:4:7 | ModuleA::ClassA | B | constants.rb:80:5:80:5 | a |
+| constants.rb:2:5:4:7 | ModuleA::ClassA | C | constants.rb:81:5:81:5 | A |
 | constants.rb:2:5:4:7 | ModuleA::ClassA | CONST_A | constants.rb:3:19:3:27 | "const_a" |
 | constants.rb:2:5:4:7 | ModuleA::ClassA | GREETING | constants.rb:17:12:17:64 | ... + ... |
 | constants.rb:8:5:14:7 | ModuleA::ModuleB | MAX_SIZE | constants.rb:39:30:39:33 | 1024 |
+| constants.rb:12:9:13:11 | ModuleA::ModuleB::ClassC | A | constants.rb:79:5:79:13 | [...] |
+| constants.rb:12:9:13:11 | ModuleA::ModuleB::ClassC | B | constants.rb:80:5:80:5 | a |
+| constants.rb:12:9:13:11 | ModuleA::ModuleB::ClassC | C | constants.rb:81:5:81:5 | A |
 | constants.rb:12:9:13:11 | ModuleA::ModuleB::ClassC | GREETING | constants.rb:17:12:17:64 | ... + ... |
+| constants.rb:31:1:33:3 | ModuleA::ClassD | A | constants.rb:79:5:79:13 | [...] |
+| constants.rb:31:1:33:3 | ModuleA::ClassD | B | constants.rb:80:5:80:5 | a |
+| constants.rb:31:1:33:3 | ModuleA::ClassD | C | constants.rb:81:5:81:5 | A |
 | constants.rb:31:1:33:3 | ModuleA::ClassD | CONST_A | constants.rb:3:19:3:27 | "const_a" |
 | constants.rb:31:1:33:3 | ModuleA::ClassD | FOURTY_TWO | constants.rb:32:16:32:17 | 42 |
 | constants.rb:31:1:33:3 | ModuleA::ClassD | GREETING | constants.rb:17:12:17:64 | ... + ... |
 | constants.rb:35:1:37:3 | ModuleA::ModuleC | FOURTY_THREE | constants.rb:36:18:36:19 | 43 |
+| constants.rb:54:3:58:5 | ModuleA::ModuleB::ClassB | A | constants.rb:79:5:79:13 | [...] |
+| constants.rb:54:3:58:5 | ModuleA::ModuleB::ClassB | B | constants.rb:80:5:80:5 | a |
+| constants.rb:54:3:58:5 | ModuleA::ModuleB::ClassB | C | constants.rb:81:5:81:5 | A |
 | constants.rb:54:3:58:5 | ModuleA::ModuleB::ClassB | FOURTY_FOUR | constants.rb:56:19:56:20 | 44 |
 | constants.rb:54:3:58:5 | ModuleA::ModuleB::ClassB | FOURTY_ONE | constants.rb:48:18:48:19 | 41 |
 | constants.rb:54:3:58:5 | ModuleA::ModuleB::ClassB | GREETING | constants.rb:17:12:17:64 | ... + ... |
 | constants.rb:62:3:64:5 | Mod1::Mod3 | FOURTY_FIVE | constants.rb:63:19:63:20 | 45 |
 | constants.rb:70:3:72:5 | Mod1::Mod3::Mod5 | FOURTY_SIX | constants.rb:71:18:71:19 | 46 |
+| file://:0:0:0:0 | Object | A | constants.rb:79:5:79:13 | [...] |
+| file://:0:0:0:0 | Object | B | constants.rb:80:5:80:5 | a |
+| file://:0:0:0:0 | Object | C | constants.rb:81:5:81:5 | A |
 | file://:0:0:0:0 | Object | GREETING | constants.rb:17:12:17:64 | ... + ... |
 constantValue
 | constants.rb:17:22:17:45 | CONST_A | constants.rb:3:19:3:27 | "const_a" |
@@ -101,6 +126,8 @@ constantValue
 | constants.rb:57:21:57:31 | FOURTY_FOUR | constants.rb:53:17:53:29 | "fourty-four" |
 | constants.rb:57:21:57:31 | FOURTY_FOUR | constants.rb:56:19:56:20 | 44 |
 | constants.rb:65:19:65:35 | FOURTY_FIVE | constants.rb:63:19:63:20 | 45 |
+| constants.rb:81:5:81:5 | A | constants.rb:79:5:79:13 | [...] |
+| constants.rb:82:5:82:5 | B | constants.rb:80:5:80:5 | a |
 constantWriteAccessQualifiedName
 | constants.rb:1:1:15:3 | ModuleA | ModuleA |
 | constants.rb:2:5:4:7 | ClassA | ModuleA::ClassA |
@@ -133,3 +160,14 @@ constantWriteAccessQualifiedName
 | constants.rb:70:3:72:5 | Mod5 | Mod3::Mod5 |
 | constants.rb:71:5:71:14 | FOURTY_SIX | Mod1::Mod3::Mod5::FOURTY_SIX |
 | constants.rb:71:5:71:14 | FOURTY_SIX | Mod3::Mod5::FOURTY_SIX |
+| constants.rb:79:1:79:1 | A | A |
+| constants.rb:80:1:80:1 | B | B |
+| constants.rb:81:1:81:1 | C | C |
+arrayConstant
+| constants.rb:20:13:20:37 | call to [] | constants.rb:20:13:20:37 | call to [] |
+| constants.rb:78:5:78:13 | call to [] | constants.rb:78:5:78:13 | call to [] |
+| constants.rb:79:5:79:13 | call to [] | constants.rb:79:5:79:13 | call to [] |
+| constants.rb:80:5:80:5 | a | constants.rb:78:5:78:13 | call to [] |
+| constants.rb:81:5:81:5 | A | constants.rb:79:5:79:13 | call to [] |
+| constants.rb:82:5:82:5 | B | constants.rb:78:5:78:13 | call to [] |
+| constants.rb:85:7:85:7 | b | constants.rb:78:5:78:13 | call to [] |

ruby/ql/test/library-tests/ast/constants/constants.ql

@@ -1,5 +1,6 @@
 import ruby
 import codeql.ruby.ast.internal.Module as M
+import codeql.ruby.ast.internal.Constant
 
 query predicate constantAccess(ConstantAccess a, string kind, string name, string cls) {
   (
@@ -20,3 +21,5 @@ query predicate constantValue(ConstantReadAccess a, Expr e) { e = a.getValue() }
 query predicate constantWriteAccessQualifiedName(ConstantWriteAccess w, string qualifiedName) {
   w.getAQualifiedName() = qualifiedName
 }
+
+query predicate arrayConstant = isArrayConstant/2;

ruby/ql/test/library-tests/ast/constants/constants.rb

@@ -72,3 +72,16 @@ module Mod4
   end
   @@fourty_six = Mod3::FOURTY_SIX
 end
+
+# Array constants
+
+a = [1, 2, 3]
+A = [1, 2, 3]
+B = a
+C = A
+b = B
+
+if condition
+  c = b
+end
+c # not recognised

ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.expected

@@ -0,0 +1,22 @@
+WARNING: Type BarrierGuard has been deprecated and may be removed in future (barrier-guards.ql:8,3-15)
+oldStyleBarrierGuards
+| barrier-guards.rb:3:4:3:15 | ... == ... | barrier-guards.rb:4:5:4:7 | foo | barrier-guards.rb:3:4:3:6 | foo | true |
+| barrier-guards.rb:9:4:9:24 | call to include? | barrier-guards.rb:10:5:10:7 | foo | barrier-guards.rb:9:21:9:23 | foo | true |
+| barrier-guards.rb:15:4:15:15 | ... != ... | barrier-guards.rb:18:5:18:7 | foo | barrier-guards.rb:15:4:15:6 | foo | false |
+| barrier-guards.rb:21:8:21:19 | ... == ... | barrier-guards.rb:24:5:24:7 | foo | barrier-guards.rb:21:8:21:10 | foo | true |
+| barrier-guards.rb:27:8:27:19 | ... != ... | barrier-guards.rb:28:5:28:7 | foo | barrier-guards.rb:27:8:27:10 | foo | false |
+| barrier-guards.rb:37:4:37:20 | call to include? | barrier-guards.rb:38:5:38:7 | foo | barrier-guards.rb:37:17:37:19 | foo | true |
+| barrier-guards.rb:43:4:43:15 | ... == ... | barrier-guards.rb:45:9:45:11 | foo | barrier-guards.rb:43:4:43:6 | foo | true |
+| barrier-guards.rb:70:4:70:21 | call to include? | barrier-guards.rb:71:5:71:7 | foo | barrier-guards.rb:70:18:70:20 | foo | true |
+| barrier-guards.rb:82:4:82:25 | ... != ... | barrier-guards.rb:83:5:83:7 | foo | barrier-guards.rb:82:15:82:17 | foo | true |
+newStyleBarrierGuards
+| barrier-guards.rb:4:5:4:7 | foo |
+| barrier-guards.rb:10:5:10:7 | foo |
+| barrier-guards.rb:18:5:18:7 | foo |
+| barrier-guards.rb:24:5:24:7 | foo |
+| barrier-guards.rb:28:5:28:7 | foo |
+| barrier-guards.rb:38:5:38:7 | foo |
+| barrier-guards.rb:45:9:45:11 | foo |
+| barrier-guards.rb:71:5:71:7 | foo |
+| barrier-guards.rb:83:5:83:7 | foo |
+| barrier-guards.rb:91:5:91:7 | foo |

ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql

@@ -0,0 +1,16 @@
+import codeql.ruby.dataflow.internal.DataFlowPublic
+import codeql.ruby.dataflow.BarrierGuards
+import codeql.ruby.controlflow.CfgNodes
+import codeql.ruby.controlflow.ControlFlowGraph
+import codeql.ruby.DataFlow
+
+query predicate oldStyleBarrierGuards(
+  BarrierGuard g, DataFlow::Node guardedNode, ExprCfgNode expr, boolean branch
+) {
+  g.checks(expr, branch) and guardedNode = g.getAGuardedNode()
+}
+
+query predicate newStyleBarrierGuards(DataFlow::Node n) {
+  n instanceof StringConstCompareBarrier or
+  n instanceof StringConstArrayInclusionCallBarrier
+}

ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.rb

@@ -0,0 +1,104 @@
+foo = "foo"
+
+if foo == "foo"
+    foo
+else
+    foo
+end
+
+if ["foo"].include?(foo)
+    foo
+else
+    foo
+end
+
+if foo != "foo"
+    foo
+else
+    foo
+end
+
+unless foo == "foo"
+    foo
+else
+    foo
+end
+
+unless foo != "foo"
+    foo
+else
+    foo
+end
+
+foo
+
+FOO = ["foo"]
+
+if FOO.include?(foo)
+    foo
+else
+    foo
+end
+
+if foo == "foo"
+    capture {
+        foo # guarded
+    }
+end
+
+if foo == "foo"
+    capture {
+        foo = "bar"
+        foo # not guarded
+    }
+end
+
+if foo == "foo"
+    my_lambda = -> () {
+        foo # not guarded
+    }
+
+    foo = "bar"
+
+    my_lambda()
+end
+
+foos = nil
+foos = ["foo"]
+bars = NotAnArray.new
+
+if foos.include?(foo)
+    foo
+else
+    foo
+end
+
+if bars.include?(foo)
+    foo
+else
+    foo
+end
+
+if foos.index(foo) != nil
+    foo
+else
+    foo
+end
+
+if foos.index(foo)r == nil
+    foo
+else
+    foo
+end
+
+bars = ["bar"]
+
+if condition
+    bars = nil
+end
+
+if bars.include?(foo)
+    foo
+else
+    foo
+end

ruby/ql/test/library-tests/dataflow/pathname-flow/pathame-flow.expected

@@ -0,0 +1,219 @@
+failures
+edges
+| pathname_flow.rb:4:10:4:33 | call to new :  | pathname_flow.rb:5:10:5:11 | pn |
+| pathname_flow.rb:4:23:4:32 | call to source :  | pathname_flow.rb:4:10:4:33 | call to new :  |
+| pathname_flow.rb:9:7:9:30 | call to new :  | pathname_flow.rb:11:8:11:12 | ... + ... |
+| pathname_flow.rb:9:20:9:29 | call to source :  | pathname_flow.rb:9:7:9:30 | call to new :  |
+| pathname_flow.rb:10:7:10:30 | call to new :  | pathname_flow.rb:11:8:11:12 | ... + ... |
+| pathname_flow.rb:10:20:10:29 | call to source :  | pathname_flow.rb:10:7:10:30 | call to new :  |
+| pathname_flow.rb:15:8:15:31 | call to new :  | pathname_flow.rb:16:8:16:9 | pn :  |
+| pathname_flow.rb:15:21:15:30 | call to source :  | pathname_flow.rb:15:8:15:31 | call to new :  |
+| pathname_flow.rb:16:8:16:9 | pn :  | pathname_flow.rb:16:8:16:17 | call to dirname |
+| pathname_flow.rb:20:7:20:30 | call to new :  | pathname_flow.rb:21:3:21:3 | a :  |
+| pathname_flow.rb:20:20:20:29 | call to source :  | pathname_flow.rb:20:7:20:30 | call to new :  |
+| pathname_flow.rb:21:3:21:3 | a :  | pathname_flow.rb:21:23:21:23 | x :  |
+| pathname_flow.rb:21:23:21:23 | x :  | pathname_flow.rb:22:10:22:10 | x |
+| pathname_flow.rb:27:7:27:30 | call to new :  | pathname_flow.rb:28:8:28:8 | a :  |
+| pathname_flow.rb:27:20:27:29 | call to source :  | pathname_flow.rb:27:7:27:30 | call to new :  |
+| pathname_flow.rb:28:8:28:8 | a :  | pathname_flow.rb:28:8:28:22 | call to expand_path |
+| pathname_flow.rb:32:7:32:30 | call to new :  | pathname_flow.rb:35:8:35:8 | a :  |
+| pathname_flow.rb:32:20:32:29 | call to source :  | pathname_flow.rb:32:7:32:30 | call to new :  |
+| pathname_flow.rb:34:7:34:30 | call to new :  | pathname_flow.rb:35:18:35:18 | c :  |
+| pathname_flow.rb:34:20:34:29 | call to source :  | pathname_flow.rb:34:7:34:30 | call to new :  |
+| pathname_flow.rb:35:8:35:8 | a :  | pathname_flow.rb:35:8:35:19 | call to join |
+| pathname_flow.rb:35:18:35:18 | c :  | pathname_flow.rb:35:8:35:19 | call to join |
+| pathname_flow.rb:39:7:39:30 | call to new :  | pathname_flow.rb:40:8:40:8 | a :  |
+| pathname_flow.rb:39:20:39:29 | call to source :  | pathname_flow.rb:39:7:39:30 | call to new :  |
+| pathname_flow.rb:40:8:40:8 | a :  | pathname_flow.rb:40:8:40:17 | call to parent |
+| pathname_flow.rb:44:7:44:30 | call to new :  | pathname_flow.rb:45:8:45:8 | a :  |
+| pathname_flow.rb:44:20:44:29 | call to source :  | pathname_flow.rb:44:7:44:30 | call to new :  |
+| pathname_flow.rb:45:8:45:8 | a :  | pathname_flow.rb:45:8:45:19 | call to realpath |
+| pathname_flow.rb:49:7:49:30 | call to new :  | pathname_flow.rb:50:8:50:8 | a :  |
+| pathname_flow.rb:49:20:49:29 | call to source :  | pathname_flow.rb:49:7:49:30 | call to new :  |
+| pathname_flow.rb:50:8:50:8 | a :  | pathname_flow.rb:50:8:50:39 | call to relative_path_from |
+| pathname_flow.rb:54:7:54:30 | call to new :  | pathname_flow.rb:55:8:55:8 | a :  |
+| pathname_flow.rb:54:20:54:29 | call to source :  | pathname_flow.rb:54:7:54:30 | call to new :  |
+| pathname_flow.rb:55:8:55:8 | a :  | pathname_flow.rb:55:8:55:16 | call to to_path |
+| pathname_flow.rb:59:7:59:30 | call to new :  | pathname_flow.rb:60:8:60:8 | a :  |
+| pathname_flow.rb:59:20:59:29 | call to source :  | pathname_flow.rb:59:7:59:30 | call to new :  |
+| pathname_flow.rb:60:8:60:8 | a :  | pathname_flow.rb:60:8:60:13 | call to to_s |
+| pathname_flow.rb:64:7:64:30 | call to new :  | pathname_flow.rb:66:8:66:8 | b |
+| pathname_flow.rb:64:20:64:29 | call to source :  | pathname_flow.rb:64:7:64:30 | call to new :  |
+| pathname_flow.rb:70:7:70:30 | call to new :  | pathname_flow.rb:72:8:72:8 | b |
+| pathname_flow.rb:70:20:70:29 | call to source :  | pathname_flow.rb:70:7:70:30 | call to new :  |
+| pathname_flow.rb:76:7:76:30 | call to new :  | pathname_flow.rb:77:7:77:7 | a :  |
+| pathname_flow.rb:76:20:76:29 | call to source :  | pathname_flow.rb:76:7:76:30 | call to new :  |
+| pathname_flow.rb:77:7:77:7 | a :  | pathname_flow.rb:77:7:77:16 | call to basename :  |
+| pathname_flow.rb:77:7:77:16 | call to basename :  | pathname_flow.rb:78:8:78:8 | b |
+| pathname_flow.rb:82:7:82:30 | call to new :  | pathname_flow.rb:83:7:83:7 | a :  |
+| pathname_flow.rb:82:20:82:29 | call to source :  | pathname_flow.rb:82:7:82:30 | call to new :  |
+| pathname_flow.rb:83:7:83:7 | a :  | pathname_flow.rb:83:7:83:17 | call to cleanpath :  |
+| pathname_flow.rb:83:7:83:17 | call to cleanpath :  | pathname_flow.rb:84:8:84:8 | b |
+| pathname_flow.rb:88:7:88:30 | call to new :  | pathname_flow.rb:89:7:89:7 | a :  |
+| pathname_flow.rb:88:20:88:29 | call to source :  | pathname_flow.rb:88:7:88:30 | call to new :  |
+| pathname_flow.rb:89:7:89:7 | a :  | pathname_flow.rb:89:7:89:25 | call to sub :  |
+| pathname_flow.rb:89:7:89:25 | call to sub :  | pathname_flow.rb:90:8:90:8 | b |
+| pathname_flow.rb:94:7:94:30 | call to new :  | pathname_flow.rb:95:7:95:7 | a :  |
+| pathname_flow.rb:94:20:94:29 | call to source :  | pathname_flow.rb:94:7:94:30 | call to new :  |
+| pathname_flow.rb:95:7:95:7 | a :  | pathname_flow.rb:95:7:95:23 | call to sub_ext :  |
+| pathname_flow.rb:95:7:95:23 | call to sub_ext :  | pathname_flow.rb:96:8:96:8 | b |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:104:8:104:8 | b :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:107:8:107:8 | c :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:109:7:109:7 | a :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:112:7:112:7 | a :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:115:7:115:7 | a :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:118:7:118:7 | a :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:121:7:121:7 | a :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:124:7:124:7 | a :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:127:7:127:7 | a :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:130:7:130:7 | a :  |
+| pathname_flow.rb:101:7:101:30 | call to new :  | pathname_flow.rb:133:7:133:7 | a :  |
+| pathname_flow.rb:101:20:101:29 | call to source :  | pathname_flow.rb:101:7:101:30 | call to new :  |
+| pathname_flow.rb:104:8:104:8 | b :  | pathname_flow.rb:104:8:104:17 | call to realpath |
+| pathname_flow.rb:107:8:107:8 | c :  | pathname_flow.rb:107:8:107:17 | call to realpath |
+| pathname_flow.rb:109:7:109:7 | a :  | pathname_flow.rb:109:7:109:16 | call to basename :  |
+| pathname_flow.rb:109:7:109:16 | call to basename :  | pathname_flow.rb:110:8:110:8 | d :  |
+| pathname_flow.rb:110:8:110:8 | d :  | pathname_flow.rb:110:8:110:17 | call to realpath |
+| pathname_flow.rb:112:7:112:7 | a :  | pathname_flow.rb:112:7:112:17 | call to cleanpath :  |
+| pathname_flow.rb:112:7:112:17 | call to cleanpath :  | pathname_flow.rb:113:8:113:8 | e :  |
+| pathname_flow.rb:113:8:113:8 | e :  | pathname_flow.rb:113:8:113:17 | call to realpath |
+| pathname_flow.rb:115:7:115:7 | a :  | pathname_flow.rb:115:7:115:19 | call to expand_path :  |
+| pathname_flow.rb:115:7:115:19 | call to expand_path :  | pathname_flow.rb:116:8:116:8 | f :  |
+| pathname_flow.rb:116:8:116:8 | f :  | pathname_flow.rb:116:8:116:17 | call to realpath |
+| pathname_flow.rb:118:7:118:7 | a :  | pathname_flow.rb:118:7:118:19 | call to join :  |
+| pathname_flow.rb:118:7:118:19 | call to join :  | pathname_flow.rb:119:8:119:8 | g :  |
+| pathname_flow.rb:119:8:119:8 | g :  | pathname_flow.rb:119:8:119:17 | call to realpath |
+| pathname_flow.rb:121:7:121:7 | a :  | pathname_flow.rb:121:7:121:16 | call to realpath :  |
+| pathname_flow.rb:121:7:121:16 | call to realpath :  | pathname_flow.rb:122:8:122:8 | h :  |
+| pathname_flow.rb:122:8:122:8 | h :  | pathname_flow.rb:122:8:122:17 | call to realpath |
+| pathname_flow.rb:124:7:124:7 | a :  | pathname_flow.rb:124:7:124:38 | call to relative_path_from :  |
+| pathname_flow.rb:124:7:124:38 | call to relative_path_from :  | pathname_flow.rb:125:8:125:8 | i :  |
+| pathname_flow.rb:125:8:125:8 | i :  | pathname_flow.rb:125:8:125:17 | call to realpath |
+| pathname_flow.rb:127:7:127:7 | a :  | pathname_flow.rb:127:7:127:25 | call to sub :  |
+| pathname_flow.rb:127:7:127:25 | call to sub :  | pathname_flow.rb:128:8:128:8 | j :  |
+| pathname_flow.rb:128:8:128:8 | j :  | pathname_flow.rb:128:8:128:17 | call to realpath |
+| pathname_flow.rb:130:7:130:7 | a :  | pathname_flow.rb:130:7:130:23 | call to sub_ext :  |
+| pathname_flow.rb:130:7:130:23 | call to sub_ext :  | pathname_flow.rb:131:8:131:8 | k :  |
+| pathname_flow.rb:131:8:131:8 | k :  | pathname_flow.rb:131:8:131:17 | call to realpath |
+| pathname_flow.rb:133:7:133:7 | a :  | pathname_flow.rb:133:7:133:15 | call to to_path :  |
+| pathname_flow.rb:133:7:133:15 | call to to_path :  | pathname_flow.rb:134:8:134:8 | l :  |
+| pathname_flow.rb:134:8:134:8 | l :  | pathname_flow.rb:134:8:134:17 | call to realpath |
+nodes
+| pathname_flow.rb:4:10:4:33 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:4:23:4:32 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:5:10:5:11 | pn | semmle.label | pn |
+| pathname_flow.rb:9:7:9:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:9:20:9:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:10:7:10:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:10:20:10:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:11:8:11:12 | ... + ... | semmle.label | ... + ... |
+| pathname_flow.rb:15:8:15:31 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:15:21:15:30 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:16:8:16:9 | pn :  | semmle.label | pn :  |
+| pathname_flow.rb:16:8:16:17 | call to dirname | semmle.label | call to dirname |
+| pathname_flow.rb:20:7:20:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:20:20:20:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:21:3:21:3 | a :  | semmle.label | a :  |
+| pathname_flow.rb:21:23:21:23 | x :  | semmle.label | x :  |
+| pathname_flow.rb:22:10:22:10 | x | semmle.label | x |
+| pathname_flow.rb:27:7:27:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:27:20:27:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:28:8:28:8 | a :  | semmle.label | a :  |
+| pathname_flow.rb:28:8:28:22 | call to expand_path | semmle.label | call to expand_path |
+| pathname_flow.rb:32:7:32:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:32:20:32:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:34:7:34:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:34:20:34:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:35:8:35:8 | a :  | semmle.label | a :  |
+| pathname_flow.rb:35:8:35:19 | call to join | semmle.label | call to join |
+| pathname_flow.rb:35:18:35:18 | c :  | semmle.label | c :  |
+| pathname_flow.rb:39:7:39:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:39:20:39:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:40:8:40:8 | a :  | semmle.label | a :  |
+| pathname_flow.rb:40:8:40:17 | call to parent | semmle.label | call to parent |
+| pathname_flow.rb:44:7:44:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:44:20:44:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:45:8:45:8 | a :  | semmle.label | a :  |
+| pathname_flow.rb:45:8:45:19 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:49:7:49:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:49:20:49:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:50:8:50:8 | a :  | semmle.label | a :  |
+| pathname_flow.rb:50:8:50:39 | call to relative_path_from | semmle.label | call to relative_path_from |
+| pathname_flow.rb:54:7:54:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:54:20:54:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:55:8:55:8 | a :  | semmle.label | a :  |
+| pathname_flow.rb:55:8:55:16 | call to to_path | semmle.label | call to to_path |
+| pathname_flow.rb:59:7:59:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:59:20:59:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:60:8:60:8 | a :  | semmle.label | a :  |
+| pathname_flow.rb:60:8:60:13 | call to to_s | semmle.label | call to to_s |
+| pathname_flow.rb:64:7:64:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:64:20:64:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:66:8:66:8 | b | semmle.label | b |
+| pathname_flow.rb:70:7:70:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:70:20:70:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:72:8:72:8 | b | semmle.label | b |
+| pathname_flow.rb:76:7:76:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:76:20:76:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:77:7:77:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:77:7:77:16 | call to basename :  | semmle.label | call to basename :  |
+| pathname_flow.rb:78:8:78:8 | b | semmle.label | b |
+| pathname_flow.rb:82:7:82:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:82:20:82:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:83:7:83:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:83:7:83:17 | call to cleanpath :  | semmle.label | call to cleanpath :  |
+| pathname_flow.rb:84:8:84:8 | b | semmle.label | b |
+| pathname_flow.rb:88:7:88:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:88:20:88:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:89:7:89:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:89:7:89:25 | call to sub :  | semmle.label | call to sub :  |
+| pathname_flow.rb:90:8:90:8 | b | semmle.label | b |
+| pathname_flow.rb:94:7:94:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:94:20:94:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:95:7:95:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:95:7:95:23 | call to sub_ext :  | semmle.label | call to sub_ext :  |
+| pathname_flow.rb:96:8:96:8 | b | semmle.label | b |
+| pathname_flow.rb:101:7:101:30 | call to new :  | semmle.label | call to new :  |
+| pathname_flow.rb:101:20:101:29 | call to source :  | semmle.label | call to source :  |
+| pathname_flow.rb:104:8:104:8 | b :  | semmle.label | b :  |
+| pathname_flow.rb:104:8:104:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:107:8:107:8 | c :  | semmle.label | c :  |
+| pathname_flow.rb:107:8:107:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:109:7:109:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:109:7:109:16 | call to basename :  | semmle.label | call to basename :  |
+| pathname_flow.rb:110:8:110:8 | d :  | semmle.label | d :  |
+| pathname_flow.rb:110:8:110:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:112:7:112:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:112:7:112:17 | call to cleanpath :  | semmle.label | call to cleanpath :  |
+| pathname_flow.rb:113:8:113:8 | e :  | semmle.label | e :  |
+| pathname_flow.rb:113:8:113:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:115:7:115:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:115:7:115:19 | call to expand_path :  | semmle.label | call to expand_path :  |
+| pathname_flow.rb:116:8:116:8 | f :  | semmle.label | f :  |
+| pathname_flow.rb:116:8:116:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:118:7:118:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:118:7:118:19 | call to join :  | semmle.label | call to join :  |
+| pathname_flow.rb:119:8:119:8 | g :  | semmle.label | g :  |
+| pathname_flow.rb:119:8:119:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:121:7:121:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:121:7:121:16 | call to realpath :  | semmle.label | call to realpath :  |
+| pathname_flow.rb:122:8:122:8 | h :  | semmle.label | h :  |
+| pathname_flow.rb:122:8:122:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:124:7:124:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:124:7:124:38 | call to relative_path_from :  | semmle.label | call to relative_path_from :  |
+| pathname_flow.rb:125:8:125:8 | i :  | semmle.label | i :  |
+| pathname_flow.rb:125:8:125:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:127:7:127:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:127:7:127:25 | call to sub :  | semmle.label | call to sub :  |
+| pathname_flow.rb:128:8:128:8 | j :  | semmle.label | j :  |
+| pathname_flow.rb:128:8:128:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:130:7:130:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:130:7:130:23 | call to sub_ext :  | semmle.label | call to sub_ext :  |
+| pathname_flow.rb:131:8:131:8 | k :  | semmle.label | k :  |
+| pathname_flow.rb:131:8:131:17 | call to realpath | semmle.label | call to realpath |
+| pathname_flow.rb:133:7:133:7 | a :  | semmle.label | a :  |
+| pathname_flow.rb:133:7:133:15 | call to to_path :  | semmle.label | call to to_path :  |
+| pathname_flow.rb:134:8:134:8 | l :  | semmle.label | l :  |
+| pathname_flow.rb:134:8:134:17 | call to realpath | semmle.label | call to realpath |
+subpaths
+#select

ruby/ql/test/library-tests/dataflow/pathname-flow/pathame-flow.ql

@@ -0,0 +1,11 @@
+/**
+ * @kind path-problem
+ */
+
+import ruby
+import TestUtilities.InlineFlowTest
+import PathGraph
+
+from DataFlow::PathNode source, DataFlow::PathNode sink, DefaultValueFlowConf conf
+where conf.hasFlowPath(source, sink)
+select sink, source, sink, "$@", source, source.toString()

ruby/ql/test/library-tests/dataflow/pathname-flow/pathname_flow.rb

@@ -0,0 +1,135 @@
+require 'pathname'
+
+def m_new
+    pn = Pathname.new(source 'a')
+    sink pn # $ hasTaintFlow=a
+end
+
+def m_plus
+  a = Pathname.new(source 'a')
+  b = Pathname.new(source 'b')
+  sink(a + b) # $ hasTaintFlow=a $ hasTaintFlow=b
+end
+
+def m_dirname
+  pn = Pathname.new(source 'a')
+  sink pn.dirname # $ hasTaintFlow=a
+end
+
+def m_each_filename
+  a = Pathname.new(source 'a')
+  a.each_filename do |x|
+    sink x # $ hasTaintFlow=a
+  end
+end
+
+def m_expand_path
+  a = Pathname.new(source 'a')
+  sink a.expand_path() # $ hasTaintFlow=a
+end
+
+def m_join
+  a = Pathname.new(source 'a')
+  b = Pathname.new('foo')
+  c = Pathname.new(source 'c')
+  sink a.join(b, c) # $ hasTaintFlow=a $ hasTaintFlow=c
+end
+
+def m_parent
+  a = Pathname.new(source 'a')
+  sink a.parent() # $ hasTaintFlow=a
+end
+
+def m_realpath
+  a = Pathname.new(source 'a')
+  sink a.realpath() # $ hasTaintFlow=a
+end
+
+def m_relative_path_from
+  a = Pathname.new(source 'a')
+  sink a.relative_path_from('/foo/bar') # $ hasTaintFlow=a
+end
+
+def m_to_path
+  a = Pathname.new(source 'a')
+  sink a.to_path # $ hasTaintFlow=a
+end
+
+def m_to_s
+  a = Pathname.new(source 'a')
+  sink a.to_s # $ hasTaintFlow=a
+end
+
+def m_plus
+  a = Pathname.new(source 'a')
+  b = a + 'foo'
+  sink b # $ hasTaintFlow=a
+end
+
+def m_slash
+  a = Pathname.new(source 'a')
+  b = a / 'foo'
+  sink b # $ hasTaintFlow=a
+end
+
+def m_basename
+  a = Pathname.new(source 'a')
+  b = a.basename
+  sink b # $ hasTaintFlow=a
+end
+
+def m_cleanpath
+  a = Pathname.new(source 'a')
+  b = a.cleanpath
+  sink b # $ hasTaintFlow=a
+end
+
+def m_sub
+  a = Pathname.new(source 'a')
+  b = a.sub('foo', 'bar')
+  sink b # $ hasTaintFlow=a
+end
+
+def m_sub_ext
+  a = Pathname.new(source 'a')
+  b = a.sub_ext('.txt')
+  sink b # $ hasTaintFlow=a
+end
+
+# Test flow through intermediate pathnames
+def intermediate_pathnames
+  a = Pathname.new(source 'a')
+
+  b = a + 'foo'
+  sink b.realpath # $ hasTaintFlow=a
+
+  c = a / 'foo'
+  sink c.realpath # $ hasTaintFlow=a
+
+  d = a.basename
+  sink d.realpath # $ hasTaintFlow=a
+
+  e = a.cleanpath
+  sink e.realpath # $ hasTaintFlow=a
+
+  f = a.expand_path
+  sink f.realpath # $ hasTaintFlow=a
+
+  g = a.join('foo')
+  sink g.realpath # $ hasTaintFlow=a
+
+  h = a.realpath
+  sink h.realpath # $ hasTaintFlow=a
+
+  i = a.relative_path_from('/foo/bar')
+  sink i.realpath # $ hasTaintFlow=a
+
+  j = a.sub('foo', 'bar')
+  sink j.realpath # $ hasTaintFlow=a
+
+  k = a.sub_ext('.txt')
+  sink k.realpath # $ hasTaintFlow=a
+
+  l = a.to_path
+  sink l.realpath # $ hasTaintFlow=a
+end

ruby/ql/test/library-tests/frameworks/pathname/Pathname.expected

@@ -0,0 +1,134 @@
+pathnameInstances
+| Pathname.rb:2:1:2:33 | ... = ... |
+| Pathname.rb:2:1:2:33 | ... = ... |
+| Pathname.rb:2:12:2:33 | call to new |
+| Pathname.rb:3:1:3:20 | ... = ... |
+| Pathname.rb:3:13:3:20 | foo_path |
+| Pathname.rb:4:1:4:8 | foo_path |
+| Pathname.rb:6:1:6:29 | ... = ... |
+| Pathname.rb:6:1:6:29 | ... = ... |
+| Pathname.rb:6:12:6:29 | call to new |
+| Pathname.rb:9:1:9:21 | ... = ... |
+| Pathname.rb:9:1:9:21 | ... = ... |
+| Pathname.rb:9:8:9:21 | call to getwd |
+| Pathname.rb:10:1:10:21 | ... = ... |
+| Pathname.rb:10:7:10:10 | pwd1 |
+| Pathname.rb:10:7:10:21 | ... + ... |
+| Pathname.rb:10:14:10:21 | foo_path |
+| Pathname.rb:11:1:11:21 | ... = ... |
+| Pathname.rb:11:1:11:21 | ... = ... |
+| Pathname.rb:11:7:11:10 | pwd1 |
+| Pathname.rb:11:7:11:21 | ... / ... |
+| Pathname.rb:11:14:11:21 | bar_path |
+| Pathname.rb:12:1:12:19 | ... = ... |
+| Pathname.rb:12:7:12:10 | pwd1 |
+| Pathname.rb:12:7:12:19 | call to basename |
+| Pathname.rb:13:1:13:46 | ... = ... |
+| Pathname.rb:13:7:13:36 | call to new |
+| Pathname.rb:13:7:13:46 | call to cleanpath |
+| Pathname.rb:14:1:14:26 | ... = ... |
+| Pathname.rb:14:7:14:14 | foo_path |
+| Pathname.rb:14:7:14:26 | call to expand_path |
+| Pathname.rb:15:1:15:39 | ... = ... |
+| Pathname.rb:15:7:15:10 | pwd1 |
+| Pathname.rb:15:7:15:39 | call to join |
+| Pathname.rb:16:1:16:23 | ... = ... |
+| Pathname.rb:16:7:16:14 | foo_path |
+| Pathname.rb:16:7:16:23 | call to realpath |
+| Pathname.rb:17:1:17:59 | ... = ... |
+| Pathname.rb:17:7:17:33 | call to new |
+| Pathname.rb:17:7:17:59 | call to relative_path_from |
+| Pathname.rb:18:1:18:33 | ... = ... |
+| Pathname.rb:18:1:18:33 | ... = ... |
+| Pathname.rb:18:7:18:10 | pwd1 |
+| Pathname.rb:18:7:18:33 | call to sub |
+| Pathname.rb:19:1:19:29 | ... = ... |
+| Pathname.rb:19:7:19:14 | foo_path |
+| Pathname.rb:19:7:19:29 | call to sub_ext |
+| Pathname.rb:20:1:20:22 | ... = ... |
+| Pathname.rb:20:7:20:14 | foo_path |
+| Pathname.rb:20:7:20:22 | call to to_path |
+| Pathname.rb:23:14:23:21 | foo_path |
+| Pathname.rb:26:12:26:19 | foo_path |
+| Pathname.rb:28:11:28:14 | pwd1 |
+| Pathname.rb:32:12:32:19 | foo_path |
+| Pathname.rb:35:1:35:8 | foo_path |
+| Pathname.rb:38:1:38:8 | foo_path |
+| Pathname.rb:39:12:39:19 | foo_path |
+| Pathname.rb:41:1:41:3 | p08 |
+| Pathname.rb:42:1:42:3 | p01 |
+fileSystemAccesses
+| Pathname.rb:26:12:26:24 | call to open | Pathname.rb:26:12:26:19 | foo_path |
+| Pathname.rb:28:11:28:22 | call to opendir | Pathname.rb:28:11:28:14 | pwd1 |
+| Pathname.rb:32:12:32:24 | call to read | Pathname.rb:32:12:32:19 | foo_path |
+| Pathname.rb:35:1:35:23 | call to write | Pathname.rb:35:1:35:8 | foo_path |
+| Pathname.rb:39:12:39:34 | call to open | Pathname.rb:39:12:39:19 | foo_path |
+fileNameSources
+| Pathname.rb:2:1:2:33 | ... = ... |
+| Pathname.rb:2:1:2:33 | ... = ... |
+| Pathname.rb:2:12:2:33 | call to new |
+| Pathname.rb:3:1:3:20 | ... = ... |
+| Pathname.rb:3:13:3:20 | foo_path |
+| Pathname.rb:4:1:4:8 | foo_path |
+| Pathname.rb:6:1:6:29 | ... = ... |
+| Pathname.rb:6:1:6:29 | ... = ... |
+| Pathname.rb:6:12:6:29 | call to new |
+| Pathname.rb:9:1:9:21 | ... = ... |
+| Pathname.rb:9:1:9:21 | ... = ... |
+| Pathname.rb:9:8:9:21 | call to getwd |
+| Pathname.rb:10:1:10:21 | ... = ... |
+| Pathname.rb:10:7:10:10 | pwd1 |
+| Pathname.rb:10:7:10:21 | ... + ... |
+| Pathname.rb:10:14:10:21 | foo_path |
+| Pathname.rb:11:1:11:21 | ... = ... |
+| Pathname.rb:11:1:11:21 | ... = ... |
+| Pathname.rb:11:7:11:10 | pwd1 |
+| Pathname.rb:11:7:11:21 | ... / ... |
+| Pathname.rb:11:14:11:21 | bar_path |
+| Pathname.rb:12:1:12:19 | ... = ... |
+| Pathname.rb:12:7:12:10 | pwd1 |
+| Pathname.rb:12:7:12:19 | call to basename |
+| Pathname.rb:13:1:13:46 | ... = ... |
+| Pathname.rb:13:7:13:36 | call to new |
+| Pathname.rb:13:7:13:46 | call to cleanpath |
+| Pathname.rb:14:1:14:26 | ... = ... |
+| Pathname.rb:14:7:14:14 | foo_path |
+| Pathname.rb:14:7:14:26 | call to expand_path |
+| Pathname.rb:15:1:15:39 | ... = ... |
+| Pathname.rb:15:7:15:10 | pwd1 |
+| Pathname.rb:15:7:15:39 | call to join |
+| Pathname.rb:16:1:16:23 | ... = ... |
+| Pathname.rb:16:7:16:14 | foo_path |
+| Pathname.rb:16:7:16:23 | call to realpath |
+| Pathname.rb:17:1:17:59 | ... = ... |
+| Pathname.rb:17:7:17:33 | call to new |
+| Pathname.rb:17:7:17:59 | call to relative_path_from |
+| Pathname.rb:18:1:18:33 | ... = ... |
+| Pathname.rb:18:1:18:33 | ... = ... |
+| Pathname.rb:18:7:18:10 | pwd1 |
+| Pathname.rb:18:7:18:33 | call to sub |
+| Pathname.rb:19:1:19:29 | ... = ... |
+| Pathname.rb:19:7:19:14 | foo_path |
+| Pathname.rb:19:7:19:29 | call to sub_ext |
+| Pathname.rb:20:1:20:22 | ... = ... |
+| Pathname.rb:20:7:20:14 | foo_path |
+| Pathname.rb:20:7:20:22 | call to to_path |
+| Pathname.rb:23:14:23:21 | foo_path |
+| Pathname.rb:23:14:23:26 | call to to_s |
+| Pathname.rb:26:12:26:19 | foo_path |
+| Pathname.rb:28:11:28:14 | pwd1 |
+| Pathname.rb:32:12:32:19 | foo_path |
+| Pathname.rb:35:1:35:8 | foo_path |
+| Pathname.rb:38:1:38:8 | foo_path |
+| Pathname.rb:39:12:39:19 | foo_path |
+| Pathname.rb:41:1:41:3 | p08 |
+| Pathname.rb:42:1:42:3 | p01 |
+fileSystemReadAccesses
+| Pathname.rb:32:12:32:24 | call to read | Pathname.rb:32:12:32:24 | call to read |
+fileSystemWriteAccesses
+| Pathname.rb:35:1:35:23 | call to write | Pathname.rb:35:16:35:23 | "output" |
+fileSystemPermissionModifications
+| Pathname.rb:38:1:38:19 | call to chmod | Pathname.rb:38:16:38:19 | 0644 |
+| Pathname.rb:39:12:39:34 | call to open | Pathname.rb:39:31:39:34 | 0666 |
+| Pathname.rb:41:1:41:14 | call to mkdir | Pathname.rb:41:11:41:14 | 0755 |
+| Pathname.rb:42:1:42:22 | call to mkpath | Pathname.rb:42:18:42:21 | 0644 |

ruby/ql/test/library-tests/frameworks/pathname/Pathname.ql

@@ -0,0 +1,26 @@
+private import ruby
+private import codeql.ruby.Concepts
+private import codeql.ruby.DataFlow
+private import codeql.ruby.frameworks.stdlib.Pathname
+
+query predicate pathnameInstances(Pathname::PathnameInstance i) { any() }
+
+query predicate fileSystemAccesses(FileSystemAccess a, DataFlow::Node p) {
+  p = a.getAPathArgument()
+}
+
+query predicate fileNameSources(FileNameSource s) { any() }
+
+query predicate fileSystemReadAccesses(FileSystemReadAccess a, DataFlow::Node d) {
+  d = a.getADataNode()
+}
+
+query predicate fileSystemWriteAccesses(FileSystemWriteAccess a, DataFlow::Node d) {
+  d = a.getADataNode()
+}
+
+query predicate fileSystemPermissionModifications(
+  FileSystemPermissionModification m, DataFlow::Node p
+) {
+  p = m.getAPermissionNode()
+}

ruby/ql/test/library-tests/frameworks/pathname/Pathname.rb

@@ -0,0 +1,42 @@
+
+foo_path = Pathname.new "foo.txt"
+foo_path2 = foo_path
+foo_path
+
+bar_path = Pathname.new 'bar'
+
+# All these calls return new `Pathname` instances
+pwd1 = Pathname.getwd
+p00 = pwd1 + foo_path
+p01 = pwd1 / bar_path
+p02 = pwd1.basename
+p03 = Pathname.new('bar/../baz.txt').cleanpath
+p04 = foo_path.expand_path
+p05 = pwd1.join 'bar', 'baz', 'qux.txt'
+p06 = foo_path.realpath
+p07 = Pathname.new('foo/bar.txt').relative_path_from('foo')
+p08 = pwd1.sub 'wibble', 'wobble'
+p09 = foo_path.sub_ext '.log'
+p10 = foo_path.to_path
+
+# `Pathname#to_s` returns a string that we consider to be a filename source.
+foo_string = foo_path.to_s
+
+# File-system accesses
+foo_file = foo_path.open
+foo_file.close
+pwd_dir = pwd1.opendir
+pwd_dir.close
+
+# Read from a file
+foo_data = foo_path.read
+
+# Write to a file
+foo_path.write 'output'
+
+# Permission modifications
+foo_path.chmod 0644
+foo_file = foo_path.open 'w', 0666
+foo_file.close
+p08.mkdir 0755
+p01.mkpath(mode: 0644)