Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 7ae5d40

Browse files
michaelnebelmichaelnebel
authored
Merge pull request #20332 from michaelnebel/ruby/ql4ql
Ruby: Fix some Ql4Ql violations.
2 parents 88ee20f + c5cf46b commit 7ae5d40

6 files changed

Lines changed: 24 additions & 24 deletions

File tree

ruby/ql/lib/codeql/ruby/ApiGraphs.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/**
2-
* Provides an implementation of _API graphs_, which allow efficient modelling of how a given
2+
* Provides an implementation of _API graphs_, which allow efficient modeling of how a given
33
* value is used by the code base or how values produced by the code base are consumed by a library.
44
*
55
* See `API::Node` for more details.

ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ module Kernel {
5050
}
5151

5252
/**
53-
* Private methods in the `Kernel` module.
53+
* Holds if `method` is a name of a private method in the `Kernel` module.
5454
* These can be be invoked on `self`, on `Kernel`, or using a low-level primitive like `send` or `instance_eval`.
5555
* ```ruby
5656
* puts "hello world"

ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll

Lines changed: 18 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -25,27 +25,28 @@ private import codeql.ruby.DataFlow
2525
*/
2626
class ExconHttpRequest extends Http::Client::Request::Range instanceof DataFlow::CallNode {
2727
API::Node requestNode;
28-
API::Node connectionNode;
2928
DataFlow::Node connectionUse;
3029

3130
ExconHttpRequest() {
3231
this = requestNode.asSource() and
33-
connectionUse = connectionNode.asSource() and
34-
connectionNode =
35-
[
36-
// one-off requests
37-
API::getTopLevelMember("Excon"),
38-
// connection re-use
39-
API::getTopLevelMember("Excon").getInstance(),
40-
API::getTopLevelMember("Excon").getMember("Connection").getInstance()
41-
] and
42-
requestNode =
43-
connectionNode
44-
.getReturn([
45-
// Excon#request exists but Excon.request doesn't.
46-
// This shouldn't be a problem - in real code the latter would raise NoMethodError anyway.
47-
"get", "head", "delete", "options", "post", "put", "patch", "trace", "request"
48-
])
32+
exists(API::Node connectionNode |
33+
connectionUse = connectionNode.asSource() and
34+
connectionNode =
35+
[
36+
// one-off requests
37+
API::getTopLevelMember("Excon"),
38+
// connection re-use
39+
API::getTopLevelMember("Excon").getInstance(),
40+
API::getTopLevelMember("Excon").getMember("Connection").getInstance()
41+
] and
42+
requestNode =
43+
connectionNode
44+
.getReturn([
45+
// Excon#request exists but Excon.request doesn't.
46+
// This shouldn't be a problem - in real code the latter would raise NoMethodError anyway.
47+
"get", "head", "delete", "options", "post", "put", "patch", "trace", "request"
48+
])
49+
)
4950
}
5051

5152
override DataFlow::Node getResponseBody() { result = requestNode.getAMethodCall("body") }

ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,11 +27,10 @@ private import codeql.ruby.DataFlow
2727
class NetHttpRequest extends Http::Client::Request::Range instanceof DataFlow::CallNode {
2828
private DataFlow::CallNode request;
2929
API::Node requestNode;
30-
API::Node connectionNode;
3130
private boolean returnsResponseBody;
3231

3332
NetHttpRequest() {
34-
exists(string method |
33+
exists(string method, API::Node connectionNode |
3534
request = requestNode.asSource() and
3635
this = request and
3736
requestNode = connectionNode.getReturn(method)

ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -194,7 +194,7 @@ abstract class RegExp extends Ast::StringlikeLiteral {
194194
}
195195

196196
/**
197-
* Holds if the character set starting at `charset_start` contains a character range
197+
* Holds if the character set starting at `charsetStart` contains a character range
198198
* with lower bound found between `start` and `lowerEnd`
199199
* and upper bound found between `upperStart` and `end`.
200200
*/

ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ private class MemoCandidate extends Method {
4545
}
4646

4747
/**
48-
* Holds if parameter `p` of `m` is read in the right hand side of `assign`.
48+
* Holds if parameter `p` of `m` is read in the right hand side of `a`.
4949
*/
5050
private predicate parameterUsedInMemoValue(Method m, Parameter p, MemoStmt a) {
5151
p = m.getAParameter() and
@@ -54,7 +54,7 @@ private predicate parameterUsedInMemoValue(Method m, Parameter p, MemoStmt a) {
5454
}
5555

5656
/**
57-
* Holds if parameter `p` of `m` is read in the left hand side of `assign`.
57+
* Holds if parameter `p` of `m` is read in the left hand side of `a`.
5858
*/
5959
private predicate parameterUsedInMemoKey(Method m, Parameter p, HashMemoStmt a) {
6060
p = m.getAParameter() and

0 commit comments

Comments
 (0)