codeql/ActiveSupport.ql at 360cf0ff17754359bd2015dcaedc8f14f3e094c3 - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2026-03-05 23:26:51 +01:00

Files

Harry Maclean c65ca8ff86 Model calls to constantize as code executions

`constantize` is an ActiveSupport extension to `String` that attempts to
look up a constant with a name matching the receiver.

2022-02-03 15:22:07 +13:00

6 lines

164 B

Plaintext

Raw Blame History

 import codeql.ruby.frameworks.ActiveSupport
 query DataFlow::Node constantizeCalls(ActiveSupport::CoreExtensions::String::Constantize c) {
   result = c.getCode()
 }