Tom Hvitved
67b6a82cf1
Merge pull request #11198 from hvitved/ssa/expose-phi-reads
...
SSA: Expose phi-read nodes
2022-11-16 15:11:58 +01:00
Erik Krogh Kristensen
7d4ea47611
Merge pull request #10855 from erik-krogh/formatTaint
...
Ruby: taint-steps for printf calls - and add a `AdditionalTaintStep` class
2022-11-16 12:08:45 +01:00
Tom Hvitved
32f60fd112
Ruby: Add more local flow tests for use-use flow
2022-11-15 11:45:31 +01:00
Tom Hvitved
e18442069b
Ruby: Fix SSA entry definitions for self in top-level
2022-11-10 15:08:17 +01:00
Nick Rolfe
c8c53cb424
Merge remote-tracking branch 'origin/main' into nickrolfe/active_support_flow_summaries
2022-11-09 17:02:05 +00:00
Asger F
859dc7beb7
Merge pull request #11024 from asgerf/rb/data-flow-layer-capture2
...
Ruby: expand DataFlow API
2022-11-09 15:06:03 +01:00
Nick Rolfe
97e939ae2b
Ruby: refine summaries for Hash#reverse_merge etc.
...
- revert the changes to the taint summaries specific to ActionController
params
- make the general flow summaries value-preserving and use
WithElement[any]
2022-11-09 11:56:07 +00:00
Asger F
43769ad464
Ruby: update test output
2022-11-08 19:20:57 +01:00
Asger F
271de66f01
Ruby: rename getConst -> getConstant
2022-11-08 16:41:04 +01:00
Tom Hvitved
f0b9ca4bf9
Ruby: Add more guards tests
2022-11-08 11:09:54 +01:00
Tom Hvitved
7ba0682297
Ruby: Split basic blocks around constant conditionals
2022-11-08 09:07:23 +01:00
Tom Hvitved
c86f597153
Ruby: Add test for disjunctive guard
2022-11-08 09:01:22 +01:00
Asger F
edc5d8d644
Ruby: update test output
2022-11-07 14:17:50 +01:00
Asger F
a213e9e55d
Merge pull request #1 from hvitved/rb/data-flow-layer-capture2
...
Ruby: Make sure to always generate SSA definitions for namespace self-variables
2022-11-07 14:12:48 +01:00
Asger F
f991991474
Ruby: fix incomplete renaming of getCanonicalEnclosing/Nested module
2022-11-07 14:04:10 +01:00
Tom Hvitved
2737255705
Ruby: Make sure to always generate SSA definitions for namespace self-variables
2022-11-07 14:02:09 +01:00
Asger F
a39cefe40f
Ruby: fix broken test
2022-11-07 14:01:11 +01:00
Tom Hvitved
46631d6eaf
Merge pull request #10931 from hvitved/ruby/fix-flow-into-phis
...
Ruby: Fix flow steps into phi nodes
2022-11-02 21:07:06 +01:00
erik-krogh
6bc12e8f2b
Merge branch 'main' into formatTaint
2022-11-02 13:39:30 +01:00
Tom Hvitved
ee9163aa40
Ruby: Fix flow steps into phi nodes
...
- Add missing flow from post-update nodes into phi nodes.
- Prevent flow from reads into phi nodes when use-use flow is prohibited.
2022-11-01 16:33:06 +01:00
Tom Hvitved
a191edfbd5
Ruby: Add data flow tests that illustrate problems with flow into SSA phi nodes
2022-11-01 16:32:46 +01:00
Tom Hvitved
e8f9429b92
Merge pull request #10917 from hvitved/ruby/singleton-call-sensitivity
...
Ruby: Call-context sensitivity for singleton method calls
2022-11-01 14:13:26 +01:00
Asger F
056b1e8d63
Ruby: add some basic tests
2022-10-31 14:05:11 +01:00
Asger F
9f59b6b439
Update type-tracking test
2022-10-31 13:33:41 +01:00
Asger F
0a8f39fe96
Ruby: recover some incomplete capture flow
2022-10-31 13:33:41 +01:00
Asger F
b29ac5249e
Ruby: add type-tracking inline test in global flow test
2022-10-31 13:33:41 +01:00
Asger F
4ed61c13f8
Ruby: add some captured-variable flow tests
2022-10-31 13:33:41 +01:00
Harry Maclean
3f403f0f87
Merge pull request #10700 from hmac/activesupport
...
Ruby: Model some ActiveSupport methods
2022-10-31 11:50:44 +13:00
Asger F
436cc60138
Ruby: update some uses of getConstantValue()
2022-10-28 15:16:14 +02:00
Harry Maclean
4ec527a9ea
Ruby: Explain difference between flow tests
...
The type-tracking flow tests document the difference in sensitivity
between type-tracking and dataflow, so failures in that test are
expected.
2022-10-28 11:31:55 +13:00
Harry Maclean
6e8446b6ae
Fix tests
2022-10-28 11:31:55 +13:00
Harry Maclean
cb37a0e835
Ruby: Add summaries for Hash#deep_merge(!)
2022-10-28 11:31:55 +13:00
Harry Maclean
3dea1d6a60
Ruby: Add flow summary for Hash#except!
2022-10-28 11:31:55 +13:00
Rasmus Wriedt Larsen
6d43db43dd
Ruby: Fix tag missing from getARelevantTag
2022-10-27 09:12:06 +02:00
Nick Rolfe
269c27757d
Ruby: include value-preserving flow in localTaintStep
2022-10-21 16:17:11 +01:00
Nick Rolfe
5319216c18
Ruby: add test of TaintTracking::localFlowStep
2022-10-21 16:04:04 +01:00
Tom Hvitved
4422327c00
Ruby: Call-context sensitivity for singleton method calls
2022-10-21 11:48:25 +02:00
Tom Hvitved
6feff7e3ed
Ruby: Add more data-flow call sensitivity tests
2022-10-21 09:36:34 +02:00
erik-krogh
c13e8e4f48
Merge branch 'main' into formatTaint
2022-10-20 10:46:16 +02:00
Tom Hvitved
61b9065135
Ruby: Fix syntax error in a test
2022-10-18 16:49:32 +02:00
erik-krogh
bb4bc55c6a
update expected output
2022-10-17 15:52:21 +02:00
Asger F
6daa1c432b
Ruby: update test output
2022-10-11 09:03:51 +02:00
Asger F
d55925d8d4
Ruby: support splat type-tracking step
2022-10-11 09:03:51 +02:00
Tom Hvitved
0e6735b804
Merge pull request #10691 from hvitved/dataflow/conjunctive-clears
...
Data flow: Take conjunctive `With(out)Contents` into account in `prohibitsUseUseFlow`
2022-10-06 09:03:30 +02:00
Asger F
decd4c93c7
Ruby: update type tracking test
2022-10-05 15:15:52 +02:00
Tom Hvitved
e51c20bfc7
Data flow: Take conjunctive With(out)Contents into account in prohibitsUseUseFlow
2022-10-05 12:58:29 +02:00
Tom Hvitved
9d23742ed6
Ruby: Add test that illustrates issue with conjunctive WithoutContents
2022-10-05 11:26:23 +02:00
Asger F
f664a77a02
Ruby: ensure Hash flow works again
2022-10-05 11:07:55 +02:00
Asger F
6f74a52542
Merge branch 'main' into rb/summarize-more
2022-10-05 09:55:23 +02:00
Asger F
8b7ec20573
Merge branch 'main' into rb/summarize-more
2022-10-05 09:43:52 +02:00
