mirror of
https://github.com/github/codeql.git
synced 2026-02-10 20:21:10 +01:00
18 lines
628 B
Plaintext
18 lines
628 B
Plaintext
import codeql.ruby.AST
|
|
import codeql.ruby.frameworks.PosixSpawn
|
|
import codeql.ruby.DataFlow
|
|
|
|
query predicate systemCalls(
|
|
PosixSpawn::SystemCall call, DataFlow::Node arg, boolean shellInterpreted
|
|
) {
|
|
call.isShellInterpreted(arg) and shellInterpreted = true
|
|
or
|
|
not call.isShellInterpreted(arg) and arg = call.getAnArgument() and shellInterpreted = false
|
|
}
|
|
|
|
query predicate childCalls(PosixSpawn::ChildCall call, DataFlow::Node arg, boolean shellInterpreted) {
|
|
call.isShellInterpreted(arg) and shellInterpreted = true
|
|
or
|
|
not call.isShellInterpreted(arg) and arg = call.getAnArgument() and shellInterpreted = false
|
|
}
|