hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ea4c2e432100cb15e4ad5448d02c36153a6f9f95
codeql/ruby/ql/test/query-tests/security/cwe-022/PathInjection.expected
erik-krogh 8f0c0f3c17 add support for super calls to Kernel
2022-12-06 14:25:51 +01:00

141 lines
14 KiB
Plaintext
Raw Blame History

edges
| ArchiveApiPathTraversal.rb:5:26:5:31 | call to params : | ArchiveApiPathTraversal.rb:5:26:5:42 | ...[...] : |
| ArchiveApiPathTraversal.rb:5:26:5:42 | ...[...] : | ArchiveApiPathTraversal.rb:49:17:49:27 | destination : |
| ArchiveApiPathTraversal.rb:10:11:10:16 | call to params : | ArchiveApiPathTraversal.rb:10:11:10:23 | ...[...] : |
| ArchiveApiPathTraversal.rb:10:11:10:23 | ...[...] : | ArchiveApiPathTraversal.rb:67:13:67:16 | file : |
| ArchiveApiPathTraversal.rb:15:9:15:14 | call to params : | ArchiveApiPathTraversal.rb:15:9:15:25 | ...[...] : |
| ArchiveApiPathTraversal.rb:15:9:15:25 | ...[...] : | ArchiveApiPathTraversal.rb:75:11:75:18 | filename : |
| ArchiveApiPathTraversal.rb:49:17:49:27 | destination : | ArchiveApiPathTraversal.rb:52:38:52:48 | destination : |
| ArchiveApiPathTraversal.rb:52:28:52:67 | call to join : | ArchiveApiPathTraversal.rb:59:21:59:36 | destination_file |
| ArchiveApiPathTraversal.rb:52:38:52:48 | destination : | ArchiveApiPathTraversal.rb:52:28:52:67 | call to join : |
| ArchiveApiPathTraversal.rb:67:13:67:16 | file : | ArchiveApiPathTraversal.rb:68:20:68:23 | file |
| ArchiveApiPathTraversal.rb:75:11:75:18 | filename : | ArchiveApiPathTraversal.rb:76:19:76:26 | filename |
| tainted_path.rb:4:12:4:17 | call to params : | tainted_path.rb:4:12:4:24 | ...[...] : |
| tainted_path.rb:4:12:4:24 | ...[...] : | tainted_path.rb:5:26:5:29 | path |
| tainted_path.rb:10:12:10:43 | call to absolute_path : | tainted_path.rb:11:26:11:29 | path |
| tainted_path.rb:10:31:10:36 | call to params : | tainted_path.rb:10:31:10:43 | ...[...] : |
| tainted_path.rb:10:31:10:43 | ...[...] : | tainted_path.rb:10:12:10:43 | call to absolute_path : |
| tainted_path.rb:16:15:16:41 | call to dirname : | tainted_path.rb:17:26:17:29 | path |
| tainted_path.rb:16:28:16:33 | call to params : | tainted_path.rb:16:28:16:40 | ...[...] : |
| tainted_path.rb:16:28:16:40 | ...[...] : | tainted_path.rb:16:15:16:41 | call to dirname : |
| tainted_path.rb:22:12:22:41 | call to expand_path : | tainted_path.rb:23:26:23:29 | path |
| tainted_path.rb:22:29:22:34 | call to params : | tainted_path.rb:22:29:22:41 | ...[...] : |
| tainted_path.rb:22:29:22:41 | ...[...] : | tainted_path.rb:22:12:22:41 | call to expand_path : |
| tainted_path.rb:28:12:28:34 | call to path : | tainted_path.rb:29:26:29:29 | path |
| tainted_path.rb:28:22:28:27 | call to params : | tainted_path.rb:28:22:28:34 | ...[...] : |
| tainted_path.rb:28:22:28:34 | ...[...] : | tainted_path.rb:28:12:28:34 | call to path : |
| tainted_path.rb:34:12:34:41 | call to realdirpath : | tainted_path.rb:35:26:35:29 | path |
| tainted_path.rb:34:29:34:34 | call to params : | tainted_path.rb:34:29:34:41 | ...[...] : |
| tainted_path.rb:34:29:34:41 | ...[...] : | tainted_path.rb:34:12:34:41 | call to realdirpath : |
| tainted_path.rb:40:12:40:38 | call to realpath : | tainted_path.rb:41:26:41:29 | path |
| tainted_path.rb:40:26:40:31 | call to params : | tainted_path.rb:40:26:40:38 | ...[...] : |
| tainted_path.rb:40:26:40:38 | ...[...] : | tainted_path.rb:40:12:40:38 | call to realpath : |
| tainted_path.rb:47:12:47:63 | call to join : | tainted_path.rb:48:26:48:29 | path |
| tainted_path.rb:47:43:47:48 | call to params : | tainted_path.rb:47:43:47:55 | ...[...] : |
| tainted_path.rb:47:43:47:55 | ...[...] : | tainted_path.rb:47:12:47:63 | call to join : |
| tainted_path.rb:59:12:59:53 | call to new : | tainted_path.rb:60:26:60:29 | path |
| tainted_path.rb:59:40:59:45 | call to params : | tainted_path.rb:59:40:59:52 | ...[...] : |
| tainted_path.rb:59:40:59:52 | ...[...] : | tainted_path.rb:59:12:59:53 | call to new : |
| tainted_path.rb:71:12:71:53 | call to new : | tainted_path.rb:72:15:72:18 | path |
| tainted_path.rb:71:40:71:45 | call to params : | tainted_path.rb:71:40:71:52 | ...[...] : |
| tainted_path.rb:71:40:71:52 | ...[...] : | tainted_path.rb:71:12:71:53 | call to new : |
| tainted_path.rb:77:12:77:53 | call to new : | tainted_path.rb:78:19:78:22 | path |
| tainted_path.rb:77:12:77:53 | call to new : | tainted_path.rb:79:14:79:17 | path |
| tainted_path.rb:77:40:77:45 | call to params : | tainted_path.rb:77:40:77:52 | ...[...] : |
| tainted_path.rb:77:40:77:52 | ...[...] : | tainted_path.rb:77:12:77:53 | call to new : |
| tainted_path.rb:84:12:84:53 | call to new : | tainted_path.rb:85:10:85:13 | path |
| tainted_path.rb:84:12:84:53 | call to new : | tainted_path.rb:86:25:86:28 | path |
| tainted_path.rb:84:40:84:45 | call to params : | tainted_path.rb:84:40:84:52 | ...[...] : |
| tainted_path.rb:84:40:84:52 | ...[...] : | tainted_path.rb:84:12:84:53 | call to new : |
| tainted_path.rb:90:12:90:53 | call to new : | tainted_path.rb:92:11:92:14 | path |
| tainted_path.rb:90:40:90:45 | call to params : | tainted_path.rb:90:40:90:52 | ...[...] : |
| tainted_path.rb:90:40:90:52 | ...[...] : | tainted_path.rb:90:12:90:53 | call to new : |
nodes
| ArchiveApiPathTraversal.rb:5:26:5:31 | call to params : | semmle.label | call to params : |
| ArchiveApiPathTraversal.rb:5:26:5:42 | ...[...] : | semmle.label | ...[...] : |
| ArchiveApiPathTraversal.rb:10:11:10:16 | call to params : | semmle.label | call to params : |
| ArchiveApiPathTraversal.rb:10:11:10:23 | ...[...] : | semmle.label | ...[...] : |
| ArchiveApiPathTraversal.rb:15:9:15:14 | call to params : | semmle.label | call to params : |
| ArchiveApiPathTraversal.rb:15:9:15:25 | ...[...] : | semmle.label | ...[...] : |
| ArchiveApiPathTraversal.rb:49:17:49:27 | destination : | semmle.label | destination : |
| ArchiveApiPathTraversal.rb:52:28:52:67 | call to join : | semmle.label | call to join : |
| ArchiveApiPathTraversal.rb:52:38:52:48 | destination : | semmle.label | destination : |
| ArchiveApiPathTraversal.rb:59:21:59:36 | destination_file | semmle.label | destination_file |
| ArchiveApiPathTraversal.rb:67:13:67:16 | file : | semmle.label | file : |
| ArchiveApiPathTraversal.rb:68:20:68:23 | file | semmle.label | file |
| ArchiveApiPathTraversal.rb:75:11:75:18 | filename : | semmle.label | filename : |
| ArchiveApiPathTraversal.rb:76:19:76:26 | filename | semmle.label | filename |
| tainted_path.rb:4:12:4:17 | call to params : | semmle.label | call to params : |
| tainted_path.rb:4:12:4:24 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:5:26:5:29 | path | semmle.label | path |
| tainted_path.rb:10:12:10:43 | call to absolute_path : | semmle.label | call to absolute_path : |
| tainted_path.rb:10:31:10:36 | call to params : | semmle.label | call to params : |
| tainted_path.rb:10:31:10:43 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:11:26:11:29 | path | semmle.label | path |
| tainted_path.rb:16:15:16:41 | call to dirname : | semmle.label | call to dirname : |
| tainted_path.rb:16:28:16:33 | call to params : | semmle.label | call to params : |
| tainted_path.rb:16:28:16:40 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:17:26:17:29 | path | semmle.label | path |
| tainted_path.rb:22:12:22:41 | call to expand_path : | semmle.label | call to expand_path : |
| tainted_path.rb:22:29:22:34 | call to params : | semmle.label | call to params : |
| tainted_path.rb:22:29:22:41 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:23:26:23:29 | path | semmle.label | path |
| tainted_path.rb:28:12:28:34 | call to path : | semmle.label | call to path : |
| tainted_path.rb:28:22:28:27 | call to params : | semmle.label | call to params : |
| tainted_path.rb:28:22:28:34 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:29:26:29:29 | path | semmle.label | path |
| tainted_path.rb:34:12:34:41 | call to realdirpath : | semmle.label | call to realdirpath : |
| tainted_path.rb:34:29:34:34 | call to params : | semmle.label | call to params : |
| tainted_path.rb:34:29:34:41 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:35:26:35:29 | path | semmle.label | path |
| tainted_path.rb:40:12:40:38 | call to realpath : | semmle.label | call to realpath : |
| tainted_path.rb:40:26:40:31 | call to params : | semmle.label | call to params : |
| tainted_path.rb:40:26:40:38 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:41:26:41:29 | path | semmle.label | path |
| tainted_path.rb:47:12:47:63 | call to join : | semmle.label | call to join : |
| tainted_path.rb:47:43:47:48 | call to params : | semmle.label | call to params : |
| tainted_path.rb:47:43:47:55 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:48:26:48:29 | path | semmle.label | path |
| tainted_path.rb:59:12:59:53 | call to new : | semmle.label | call to new : |
| tainted_path.rb:59:40:59:45 | call to params : | semmle.label | call to params : |
| tainted_path.rb:59:40:59:52 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:60:26:60:29 | path | semmle.label | path |
| tainted_path.rb:71:12:71:53 | call to new : | semmle.label | call to new : |
| tainted_path.rb:71:40:71:45 | call to params : | semmle.label | call to params : |
| tainted_path.rb:71:40:71:52 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:72:15:72:18 | path | semmle.label | path |
| tainted_path.rb:77:12:77:53 | call to new : | semmle.label | call to new : |
| tainted_path.rb:77:40:77:45 | call to params : | semmle.label | call to params : |
| tainted_path.rb:77:40:77:52 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:78:19:78:22 | path | semmle.label | path |
| tainted_path.rb:79:14:79:17 | path | semmle.label | path |
| tainted_path.rb:84:12:84:53 | call to new : | semmle.label | call to new : |
| tainted_path.rb:84:40:84:45 | call to params : | semmle.label | call to params : |
| tainted_path.rb:84:40:84:52 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:85:10:85:13 | path | semmle.label | path |
| tainted_path.rb:86:25:86:28 | path | semmle.label | path |
| tainted_path.rb:90:12:90:53 | call to new : | semmle.label | call to new : |
| tainted_path.rb:90:40:90:45 | call to params : | semmle.label | call to params : |
| tainted_path.rb:90:40:90:52 | ...[...] : | semmle.label | ...[...] : |
| tainted_path.rb:92:11:92:14 | path | semmle.label | path |
subpaths
#select
| ArchiveApiPathTraversal.rb:59:21:59:36 | destination_file | ArchiveApiPathTraversal.rb:5:26:5:31 | call to params : | ArchiveApiPathTraversal.rb:59:21:59:36 | destination_file | This path depends on a $@. | ArchiveApiPathTraversal.rb:5:26:5:31 | call to params | user-provided value |
| ArchiveApiPathTraversal.rb:68:20:68:23 | file | ArchiveApiPathTraversal.rb:10:11:10:16 | call to params : | ArchiveApiPathTraversal.rb:68:20:68:23 | file | This path depends on a $@. | ArchiveApiPathTraversal.rb:10:11:10:16 | call to params | user-provided value |
| ArchiveApiPathTraversal.rb:76:19:76:26 | filename | ArchiveApiPathTraversal.rb:15:9:15:14 | call to params : | ArchiveApiPathTraversal.rb:76:19:76:26 | filename | This path depends on a $@. | ArchiveApiPathTraversal.rb:15:9:15:14 | call to params | user-provided value |
| tainted_path.rb:5:26:5:29 | path | tainted_path.rb:4:12:4:17 | call to params : | tainted_path.rb:5:26:5:29 | path | This path depends on a $@. | tainted_path.rb:4:12:4:17 | call to params | user-provided value |
| tainted_path.rb:11:26:11:29 | path | tainted_path.rb:10:31:10:36 | call to params : | tainted_path.rb:11:26:11:29 | path | This path depends on a $@. | tainted_path.rb:10:31:10:36 | call to params | user-provided value |
| tainted_path.rb:17:26:17:29 | path | tainted_path.rb:16:28:16:33 | call to params : | tainted_path.rb:17:26:17:29 | path | This path depends on a $@. | tainted_path.rb:16:28:16:33 | call to params | user-provided value |
| tainted_path.rb:23:26:23:29 | path | tainted_path.rb:22:29:22:34 | call to params : | tainted_path.rb:23:26:23:29 | path | This path depends on a $@. | tainted_path.rb:22:29:22:34 | call to params | user-provided value |
| tainted_path.rb:29:26:29:29 | path | tainted_path.rb:28:22:28:27 | call to params : | tainted_path.rb:29:26:29:29 | path | This path depends on a $@. | tainted_path.rb:28:22:28:27 | call to params | user-provided value |
| tainted_path.rb:35:26:35:29 | path | tainted_path.rb:34:29:34:34 | call to params : | tainted_path.rb:35:26:35:29 | path | This path depends on a $@. | tainted_path.rb:34:29:34:34 | call to params | user-provided value |
| tainted_path.rb:41:26:41:29 | path | tainted_path.rb:40:26:40:31 | call to params : | tainted_path.rb:41:26:41:29 | path | This path depends on a $@. | tainted_path.rb:40:26:40:31 | call to params | user-provided value |
| tainted_path.rb:48:26:48:29 | path | tainted_path.rb:47:43:47:48 | call to params : | tainted_path.rb:48:26:48:29 | path | This path depends on a $@. | tainted_path.rb:47:43:47:48 | call to params | user-provided value |
| tainted_path.rb:60:26:60:29 | path | tainted_path.rb:59:40:59:45 | call to params : | tainted_path.rb:60:26:60:29 | path | This path depends on a $@. | tainted_path.rb:59:40:59:45 | call to params | user-provided value |
| tainted_path.rb:72:15:72:18 | path | tainted_path.rb:71:40:71:45 | call to params : | tainted_path.rb:72:15:72:18 | path | This path depends on a $@. | tainted_path.rb:71:40:71:45 | call to params | user-provided value |
| tainted_path.rb:78:19:78:22 | path | tainted_path.rb:77:40:77:45 | call to params : | tainted_path.rb:78:19:78:22 | path | This path depends on a $@. | tainted_path.rb:77:40:77:45 | call to params | user-provided value |
| tainted_path.rb:79:14:79:17 | path | tainted_path.rb:77:40:77:45 | call to params : | tainted_path.rb:79:14:79:17 | path | This path depends on a $@. | tainted_path.rb:77:40:77:45 | call to params | user-provided value |
| tainted_path.rb:85:10:85:13 | path | tainted_path.rb:84:40:84:45 | call to params : | tainted_path.rb:85:10:85:13 | path | This path depends on a $@. | tainted_path.rb:84:40:84:45 | call to params | user-provided value |
| tainted_path.rb:86:25:86:28 | path | tainted_path.rb:84:40:84:45 | call to params : | tainted_path.rb:86:25:86:28 | path | This path depends on a $@. | tainted_path.rb:84:40:84:45 | call to params | user-provided value |
| tainted_path.rb:92:11:92:14 | path | tainted_path.rb:90:40:90:45 | call to params : | tainted_path.rb:92:11:92:14 | path | This path depends on a $@. | tainted_path.rb:90:40:90:45 | call to params | user-provided value |
Reference in New Issue View Git Blame Copy Permalink