Tidy up

2026-04-27 17:55:19 +02:00 · 2021-10-06 18:07:29 +01:00
parent 1ce458fa33
commit ffda527da9
3 changed files with 41 additions and 34 deletions
--- a/ql/lib/codeql/ruby/frameworks/http_clients/Faraday.qll
+++ b/ql/lib/codeql/ruby/frameworks/http_clients/Faraday.qll
@@ -71,14 +71,19 @@ private predicate isSslOptionsPairDisablingValidation(Pair p) {
  exists(DataFlow::Node key, DataFlow::Node value |
    key.asExpr().getExpr() = p.getKey() and value.asExpr().getExpr() = p.getValue()
  |
-    exists(DataFlow::LocalSourceNode literal |
-      literal.asExpr().getExpr().(SymbolLiteral).getValueText() = "ssl" and
-      literal.flowsTo(key)
-    ) and
+    isSymbolLiteral(key, "ssl") and
    (isHashWithVerifyFalse(value) or isHashWithVerifyModeNone(value))
  )
 }

+/** Holds if `node` represents the symbol literal with the given `valueText`. */
+private predicate isSymbolLiteral(DataFlow::Node node, string valueText) {
+  exists(DataFlow::LocalSourceNode literal |
+    literal.asExpr().getExpr().(SymbolLiteral).getValueText() = valueText and
+    literal.flowsTo(node)
+  )
+}
+
 /**
 * Holds if `node` represents a hash containing the key-value pair
 * `verify: false`.
@@ -109,10 +114,7 @@ private predicate isVerifyModeNonePair(Pair p) {
  exists(DataFlow::Node key, DataFlow::Node value |
    key.asExpr().getExpr() = p.getKey() and value.asExpr().getExpr() = p.getValue()
  |
-    exists(DataFlow::LocalSourceNode literal |
-      literal.asExpr().getExpr().(SymbolLiteral).getValueText() = "verify_mode" and
-      literal.flowsTo(key)
-    ) and
+    isSymbolLiteral(key, "verify_mode") and
    value = API::getTopLevelMember("OpenSSL").getMember("SSL").getMember("VERIFY_NONE").getAUse()
  )
 }
@@ -124,21 +126,15 @@ private predicate isVerifyFalsePair(Pair p) {
  exists(DataFlow::Node key, DataFlow::Node value |
    key.asExpr().getExpr() = p.getKey() and value.asExpr().getExpr() = p.getValue()
  |
-    exists(DataFlow::LocalSourceNode literal |
-      literal.asExpr().getExpr().(SymbolLiteral).getValueText() = "verify" and
-      literal.flowsTo(key)
-    ) and
-    isFalsey(value)
+    isSymbolLiteral(key, "verify") and
+    isFalse(value)
  )
 }

-/** Holds if `node` contains `0` or `false`. */
-private predicate isFalsey(DataFlow::Node node) {
+/** Holds if `node` can contain the Boolean value `false`. */
+private predicate isFalse(DataFlow::Node node) {
  exists(DataFlow::LocalSourceNode literal |
-    (
-      literal.asExpr().getExpr().(BooleanLiteral).isFalse() or
-      literal.asExpr().getExpr().(IntegerLiteral).getValue() = 0
-    ) and
+    literal.asExpr().getExpr().(BooleanLiteral).isFalse() and
    literal.flowsTo(node)
  )
 }
--- a/ql/lib/codeql/ruby/frameworks/http_clients/Httparty.qll
+++ b/ql/lib/codeql/ruby/frameworks/http_clients/Httparty.qll
@@ -74,13 +74,10 @@ private predicate isVerifyLiteral(DataFlow::Node node) {
  )
 }

-/** Holds if `node` contains `0` or `false`. */
-private predicate isFalsey(DataFlow::Node node) {
+/** Holds if `node` can contain the Boolean value `false`. */
+private predicate isFalse(DataFlow::Node node) {
  exists(DataFlow::LocalSourceNode literal |
-    (
-      literal.asExpr().getExpr().(BooleanLiteral).isFalse() or
-      literal.asExpr().getExpr().(IntegerLiteral).getValue() = 0
-    ) and
+    literal.asExpr().getExpr().(BooleanLiteral).isFalse() and
    literal.flowsTo(node)
  )
 }
@@ -93,6 +90,6 @@ private predicate isVerifyFalsePair(Pair p) {
    key.asExpr().getExpr() = p.getKey() and value.asExpr().getExpr() = p.getValue()
  |
    isVerifyLiteral(key) and
-    isFalsey(value)
+    isFalse(value)
  )
 }
--- a/ql/lib/codeql/ruby/frameworks/http_clients/Typhoeus.qll
+++ b/ql/lib/codeql/ruby/frameworks/http_clients/Typhoeus.qll
@@ -46,15 +46,29 @@ class TyphoeusHttpRequest extends HTTP::Client::Request::Range {
  override string getFramework() { result = "Typhoeus" }
 }

-// Holds if `p` is the pair `ssl_verifypeer: false`.
+/** Holds if `p` is the pair `ssl_verifypeer: false`. */
 private predicate isSslVerifyPeerFalsePair(Pair p) {
-  p.getKey().(SymbolLiteral).getValueText() = "ssl_verifypeer" and
-  exists(DataFlow::LocalSourceNode literal, DataFlow::Node value |
-    (
-      literal.asExpr().getExpr().(BooleanLiteral).isFalse() or
-      literal.asExpr().getExpr().(IntegerLiteral).getValue() = 0
-    ) and
-    literal.flowsTo(value) and
+  exists(DataFlow::Node key, DataFlow::Node value |
+    key.asExpr().getExpr() = p.getKey() and
    value.asExpr().getExpr() = p.getValue()
+  |
+    isSslVerifyPeerLiteral(key) and
+    isFalse(value)
+  )
+}
+
+/** Holds if `node` represents the symbol literal `verify` or `verify_peer`. */
+private predicate isSslVerifyPeerLiteral(DataFlow::Node node) {
+  exists(DataFlow::LocalSourceNode literal |
+    literal.asExpr().getExpr().(SymbolLiteral).getValueText() = "ssl_verifypeer" and
+    literal.flowsTo(node)
+  )
+}
+
+/** Holds if `node` can contain the Boolean value `false`. */
+private predicate isFalse(DataFlow::Node node) {
+  exists(DataFlow::LocalSourceNode literal |
+    literal.asExpr().getExpr().(BooleanLiteral).isFalse() and
+    literal.flowsTo(node)
  )
 }