Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 12ce46e

Browse files
asgerfasgerf
committed
Ruby: port part of Railties model
1 parent 38955d1 commit 12ce46e

1 file changed

Lines changed: 10 additions & 20 deletions

File tree

ruby/ql/lib/codeql/ruby/frameworks/Railties.qll

Lines changed: 10 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -12,26 +12,15 @@ private import codeql.ruby.DataFlow
1212
* Modeling for `railties`.
1313
*/
1414
module Railties {
15-
private class IncludeOrPrependCall extends MethodCall {
16-
IncludeOrPrependCall() { this.getMethodName() = ["include", "prepend"] }
15+
private DataFlow::ConstRef generatorsActionsConst() {
16+
result = DataFlow::getConst("Rails").getConst("Generators").getConst("Actions")
1717
}
1818

1919
/**
20-
* A class which `include`s `Rails::Generators::Actions`.
20+
* Gets a class which is a descendent of `Rails::Generators::Actions`.
2121
*/
22-
private class GeneratorsActionsContext extends ClassDeclaration {
23-
GeneratorsActionsContext() {
24-
exists(IncludeOrPrependCall i |
25-
i.getEnclosingModule() = this and
26-
i.getArgument(0) =
27-
API::getTopLevelMember("Rails")
28-
.getMember("Generators")
29-
.getMember("Actions")
30-
.getAValueReachableFromSource()
31-
.asExpr()
32-
.getExpr()
33-
)
34-
}
22+
private DataFlow::ClassNode generatorsActionsClass() {
23+
result = generatorsActionsConst().getADescendentModule()
3524
}
3625

3726
/**
@@ -40,8 +29,7 @@ module Railties {
4029
*/
4130
private class ExecuteCommandCall extends SystemCommandExecution::Range, DataFlow::CallNode {
4231
ExecuteCommandCall() {
43-
this.asExpr().getExpr().getEnclosingModule() instanceof GeneratorsActionsContext and
44-
this.getMethodName() = "execute_command"
32+
this = generatorsActionsClass().getAnInstanceSelf().getAMethodCall("execute_command")
4533
}
4634

4735
override DataFlow::Node getAnArgument() { result = this.getArgument([0, 1]) }
@@ -54,8 +42,10 @@ module Railties {
5442
*/
5543
private class ExecuteCommandWrapperCall extends SystemCommandExecution::Range, DataFlow::CallNode {
5644
ExecuteCommandWrapperCall() {
57-
this.asExpr().getExpr().getEnclosingModule() instanceof GeneratorsActionsContext and
58-
this.getMethodName() = ["rake", "rails_command", "git"]
45+
this =
46+
generatorsActionsClass()
47+
.getAnInstanceSelf()
48+
.getAMethodCall(["rake", "rails_command", "git"])
5949
}
6050

6151
override DataFlow::Node getAnArgument() { result = this.getArgument(0) }

0 commit comments

Comments
 (0)