/**
 * Provides modeling for Slim, a templating library that embeds Ruby code in text files
 * to generate dynamic content in web applications.
 */
private import codeql.ruby.ApiGraphs
private import codeql.ruby.dataflow.FlowSummary
private import codeql.ruby.Concepts
/**
 * Provides modeling for Slim, a templating library that embeds Ruby code in text files
 * to generate dynamic content in web applications.
 *
 * The classes below plug `Slim::Template` into the shared `TemplateConstruction` and
 * `TemplateRendering` concepts, so any query built on those concepts sees Slim template
 * source through `getTemplate()`.
 *
 * Only the block form `Slim::Template.new { ... }` is covered. A construction without a
 * block has no `getTemplate()` result, and a `render` call on it is therefore not a
 * `SlimTemplateRendering`.
 */
module Slim {
  /** An instantiation of `Slim::Template`, considered as a template construction. */
  private class SlimTemplateNewCall extends TemplateConstruction::Range, DataFlow::CallNode {
    SlimTemplateNewCall() {
      exists(API::Node slimTemplateClass |
        slimTemplateClass = API::getTopLevelMember("Slim").getMember("Template") and
        this = slimTemplateClass.getAnInstantiation()
      )
    }

    /**
     * Gets a node for a statement inside the block passed to `Slim::Template.new`.
     *
     * NOTE(review): `getAStmt()` matches every statement of the block, not only the final
     * one whose value the block yields. Confirm this over-approximation is intended.
     */
    override DataFlow::Node getTemplate() {
      exists(DataFlow::BlockNode sourceBlock |
        sourceBlock = this.getBlock() and
        result.asExpr().getExpr() = sourceBlock.asCallableAstNode().getAStmt()
      )
    }
  }

  /**
   * A call to `render` on the result of `Slim::Template.new { foo }`, considered as a
   * template rendering.
   */
  private class SlimTemplateRendering extends TemplateRendering::Range, DataFlow::CallNode {
    // Template node of the construction whose `render` method this call invokes.
    private DataFlow::Node renderedTemplate;

    SlimTemplateRendering() {
      exists(SlimTemplateNewCall construction |
        renderedTemplate = construction.getTemplate() and
        this = construction.getAMethodCall("render")
      )
    }

    /** Gets the template node taken from the construction this rendering belongs to. */
    override DataFlow::Node getTemplate() { result = renderedTemplate }
  }
}