Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ruby: Minor fixes for dataflow queries #14274

Merged
merged 14 commits into from
Sep 21, 2023
Merged

Ruby: Minor fixes for dataflow queries #14274

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
e45edca
Ruby: remove unused import
alexrford Sep 18, 2023
9d421ff
Ruby: configsig rb/improper-ldap-auth
alexrford Sep 18, 2023
4cb91e0
Ruby: deprecate some flow states
alexrford Sep 18, 2023
489f598
Ruby: delete DataFlowImplForPathname
alexrford Sep 21, 2023
1dbba19
Ruby: use new dataflow api in Excon.qll
alexrford Sep 21, 2023
1ffcf4b
Ruby: use new dataflow api in Faraday.qll
alexrford Sep 21, 2023
92941a4
Ruby: use new dataflow api in HttpClient.qll
alexrford Sep 21, 2023
fc7e753
Ruby: use new dataflow api in Httparty.qll
alexrford Sep 21, 2023
0978229
Ruby: use new dataflow api in NetHttp.qll
alexrford Sep 21, 2023
25203d9
Ruby: use new dataflow api in OpenURI.qll
alexrford Sep 21, 2023
699f752
Ruby: use new dataflow api in RestClient.qll
alexrford Sep 21, 2023
a64d372
Ruby: use new dataflow api in Typhoeus.qll
alexrford Sep 21, 2023
840b1e0
Ruby: delete DataFlowImplForHttpClientLibraries
alexrford Sep 21, 2023
4031623
Ruby: delete identical-files refs to deleted files
alexrford Sep 21, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 10 additions & 4 deletions ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,19 @@ private import codeql.ruby.TaintTracking
private import codeql.ruby.ApiGraphs
import UnicodeBypassValidationCustomizations::UnicodeBypassValidation

/** A state signifying that a logical validation has not been performed. */
class PreValidation extends DataFlow::FlowState {
/**
* A state signifying that a logical validation has not been performed.
* DEPRECATED: Use `PreValidationState()`
*/
deprecated class PreValidation extends DataFlow::FlowState {
PreValidation() { this = "PreValidation" }
}

/** A state signifying that a logical validation has been performed. */
class PostValidation extends DataFlow::FlowState {
/**
* A state signifying that a logical validation has been performed.
* DEPRECATED: Use `PostValidationState()`
*/
deprecated class PostValidation extends DataFlow::FlowState {
PostValidation() { this = "PostValidation" }
}

Expand Down
16 changes: 15 additions & 1 deletion ruby/ql/lib/codeql/ruby/security/ImproperLdapAuthQuery.qll
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,9 @@ private import ImproperLdapAuthCustomizations::ImproperLdapAuth

/**
* A taint-tracking configuration for detecting improper LDAP authentication vulnerabilities.
* DEPRECATED: Use `ImproperLdapAuthFlow` instead
*/
class Configuration extends TaintTracking::Configuration {
deprecated class Configuration extends TaintTracking::Configuration {
Configuration() { this = "ImproperLdapAuth" }

override predicate isSource(DataFlow::Node source) { source instanceof Source }
Expand All @@ -19,3 +20,16 @@ class Configuration extends TaintTracking::Configuration {

override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
}

private module ImproperLdapAuthConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof Source }

predicate isSink(DataFlow::Node sink) { sink instanceof Sink }

predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
}

/**
* Taint-tracking for detecting improper LDAP authentication vulnerabilities.
*/
module ImproperLdapAuthFlow = TaintTracking::Global<ImproperLdapAuthConfig>;
1 change: 0 additions & 1 deletion ruby/ql/lib/codeql/ruby/security/UnsafeShellCommandConstructionCustomizations.qll
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@

private import ruby
private import codeql.ruby.DataFlow
private import codeql.ruby.DataFlow2
private import codeql.ruby.ApiGraphs
private import codeql.ruby.frameworks.core.Gem::Gem as Gem
private import codeql.ruby.Concepts as Concepts
Expand Down
6 changes: 3 additions & 3 deletions ruby/ql/src/experimental/ldap-improper-auth/ImproperLdapAuth.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,9 @@
import codeql.ruby.DataFlow
import codeql.ruby.security.ImproperLdapAuthQuery
import codeql.ruby.Concepts
import DataFlow::PathGraph
import ImproperLdapAuthFlow::PathGraph

from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
from ImproperLdapAuthFlow::PathNode source, ImproperLdapAuthFlow::PathNode sink
where ImproperLdapAuthFlow::flowPath(source, sink)
select sink.getNode(), source, sink, "This LDAP authencation depends on a $@.", source.getNode(),
"user-provided value"
Loading