Ruby: add select clause back to Summaries.ql

asgerf · asgerf · commit 0b30ecf36a74 · 2022-03-28T13:57:50.000+02:00
diff --git a/ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected b/ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected
@@ -1,6 +1,158 @@
 failures
+edges
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:2:6:2:12 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:2:6:2:12 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:4:24:4:30 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:4:24:4:30 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:16:36:16:42 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:16:36:16:42 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:20:25:20:31 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:26:31:26:37 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:30:24:30:30 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:31:27:31:33 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:34:16:34:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:34:16:34:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:35:16:35:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:35:16:35:22 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:36:21:36:27 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:36:21:36:27 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:37:36:37:42 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:37:36:37:42 | tainted |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:51:24:51:30 | tainted :  |
+| summaries.rb:1:11:1:36 | call to identity :  | summaries.rb:54:23:54:29 | tainted :  |
+| summaries.rb:1:20:1:36 | call to source :  | summaries.rb:1:11:1:36 | call to identity :  |
+| summaries.rb:1:20:1:36 | call to source :  | summaries.rb:1:11:1:36 | call to identity :  |
+| summaries.rb:4:12:7:3 | call to apply_block :  | summaries.rb:9:6:9:13 | tainted2 |
+| summaries.rb:4:12:7:3 | call to apply_block :  | summaries.rb:9:6:9:13 | tainted2 |
+| summaries.rb:4:24:4:30 | tainted :  | summaries.rb:4:12:7:3 | call to apply_block :  |
+| summaries.rb:4:24:4:30 | tainted :  | summaries.rb:4:12:7:3 | call to apply_block :  |
+| summaries.rb:4:24:4:30 | tainted :  | summaries.rb:4:36:4:36 | x :  |
+| summaries.rb:4:24:4:30 | tainted :  | summaries.rb:4:36:4:36 | x :  |
+| summaries.rb:4:36:4:36 | x :  | summaries.rb:5:8:5:8 | x |
+| summaries.rb:4:36:4:36 | x :  | summaries.rb:5:8:5:8 | x |
+| summaries.rb:11:17:11:17 | x :  | summaries.rb:12:8:12:8 | x |
+| summaries.rb:11:17:11:17 | x :  | summaries.rb:12:8:12:8 | x |
+| summaries.rb:16:12:16:43 | call to apply_lambda :  | summaries.rb:18:6:18:13 | tainted3 |
+| summaries.rb:16:12:16:43 | call to apply_lambda :  | summaries.rb:18:6:18:13 | tainted3 |
+| summaries.rb:16:36:16:42 | tainted :  | summaries.rb:11:17:11:17 | x :  |
+| summaries.rb:16:36:16:42 | tainted :  | summaries.rb:11:17:11:17 | x :  |
+| summaries.rb:16:36:16:42 | tainted :  | summaries.rb:16:12:16:43 | call to apply_lambda :  |
+| summaries.rb:16:36:16:42 | tainted :  | summaries.rb:16:12:16:43 | call to apply_lambda :  |
+| summaries.rb:20:12:20:32 | call to firstArg :  | summaries.rb:21:6:21:13 | tainted4 |
+| summaries.rb:20:25:20:31 | tainted :  | summaries.rb:20:12:20:32 | call to firstArg :  |
+| summaries.rb:26:12:26:38 | call to secondArg :  | summaries.rb:27:6:27:13 | tainted5 |
+| summaries.rb:26:31:26:37 | tainted :  | summaries.rb:26:12:26:38 | call to secondArg :  |
+| summaries.rb:30:24:30:30 | tainted :  | summaries.rb:30:6:30:42 | call to onlyWithBlock |
+| summaries.rb:31:27:31:33 | tainted :  | summaries.rb:31:6:31:34 | call to onlyWithoutBlock |
+| summaries.rb:40:7:40:17 | call to source :  | summaries.rb:41:24:41:24 | t :  |
+| summaries.rb:40:7:40:17 | call to source :  | summaries.rb:42:24:42:24 | t :  |
+| summaries.rb:40:7:40:17 | call to source :  | summaries.rb:44:8:44:8 | t :  |
+| summaries.rb:41:24:41:24 | t :  | summaries.rb:41:8:41:25 | call to matchedByName |
+| summaries.rb:42:24:42:24 | t :  | summaries.rb:42:8:42:25 | call to matchedByName |
+| summaries.rb:44:8:44:8 | t :  | summaries.rb:44:8:44:27 | call to matchedByNameRcv |
+| summaries.rb:48:24:48:41 | call to source :  | summaries.rb:48:8:48:42 | call to preserveTaint |
+| summaries.rb:51:24:51:30 | tainted :  | summaries.rb:51:6:51:31 | call to namedArg |
+| summaries.rb:54:23:54:29 | tainted :  | summaries.rb:54:40:54:40 | x :  |
+| summaries.rb:54:40:54:40 | x :  | summaries.rb:55:8:55:8 | x |
+| summaries.rb:62:24:62:53 | call to source :  | summaries.rb:62:8:62:54 | call to preserveTaint |
+| summaries.rb:65:26:65:56 | call to source :  | summaries.rb:65:8:65:57 | call to preserveTaint |
+nodes
+| summaries.rb:1:11:1:36 | call to identity :  | semmle.label | call to identity :  |
+| summaries.rb:1:11:1:36 | call to identity :  | semmle.label | call to identity :  |
+| summaries.rb:1:20:1:36 | call to source :  | semmle.label | call to source :  |
+| summaries.rb:1:20:1:36 | call to source :  | semmle.label | call to source :  |
+| summaries.rb:2:6:2:12 | tainted | semmle.label | tainted |
+| summaries.rb:2:6:2:12 | tainted | semmle.label | tainted |
+| summaries.rb:4:12:7:3 | call to apply_block :  | semmle.label | call to apply_block :  |
+| summaries.rb:4:12:7:3 | call to apply_block :  | semmle.label | call to apply_block :  |
+| summaries.rb:4:24:4:30 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:4:24:4:30 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:4:36:4:36 | x :  | semmle.label | x :  |
+| summaries.rb:4:36:4:36 | x :  | semmle.label | x :  |
+| summaries.rb:5:8:5:8 | x | semmle.label | x |
+| summaries.rb:5:8:5:8 | x | semmle.label | x |
+| summaries.rb:9:6:9:13 | tainted2 | semmle.label | tainted2 |
+| summaries.rb:9:6:9:13 | tainted2 | semmle.label | tainted2 |
+| summaries.rb:11:17:11:17 | x :  | semmle.label | x :  |
+| summaries.rb:11:17:11:17 | x :  | semmle.label | x :  |
+| summaries.rb:12:8:12:8 | x | semmle.label | x |
+| summaries.rb:12:8:12:8 | x | semmle.label | x |
+| summaries.rb:16:12:16:43 | call to apply_lambda :  | semmle.label | call to apply_lambda :  |
+| summaries.rb:16:12:16:43 | call to apply_lambda :  | semmle.label | call to apply_lambda :  |
+| summaries.rb:16:36:16:42 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:16:36:16:42 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:18:6:18:13 | tainted3 | semmle.label | tainted3 |
+| summaries.rb:18:6:18:13 | tainted3 | semmle.label | tainted3 |
+| summaries.rb:20:12:20:32 | call to firstArg :  | semmle.label | call to firstArg :  |
+| summaries.rb:20:25:20:31 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:21:6:21:13 | tainted4 | semmle.label | tainted4 |
+| summaries.rb:26:12:26:38 | call to secondArg :  | semmle.label | call to secondArg :  |
+| summaries.rb:26:31:26:37 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:27:6:27:13 | tainted5 | semmle.label | tainted5 |
+| summaries.rb:30:6:30:42 | call to onlyWithBlock | semmle.label | call to onlyWithBlock |
+| summaries.rb:30:24:30:30 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:31:6:31:34 | call to onlyWithoutBlock | semmle.label | call to onlyWithoutBlock |
+| summaries.rb:31:27:31:33 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:34:16:34:22 | tainted | semmle.label | tainted |
+| summaries.rb:34:16:34:22 | tainted | semmle.label | tainted |
+| summaries.rb:35:16:35:22 | tainted | semmle.label | tainted |
+| summaries.rb:35:16:35:22 | tainted | semmle.label | tainted |
+| summaries.rb:36:21:36:27 | tainted | semmle.label | tainted |
+| summaries.rb:36:21:36:27 | tainted | semmle.label | tainted |
+| summaries.rb:37:36:37:42 | tainted | semmle.label | tainted |
+| summaries.rb:37:36:37:42 | tainted | semmle.label | tainted |
+| summaries.rb:40:7:40:17 | call to source :  | semmle.label | call to source :  |
+| summaries.rb:41:8:41:25 | call to matchedByName | semmle.label | call to matchedByName |
+| summaries.rb:41:24:41:24 | t :  | semmle.label | t :  |
+| summaries.rb:42:8:42:25 | call to matchedByName | semmle.label | call to matchedByName |
+| summaries.rb:42:24:42:24 | t :  | semmle.label | t :  |
+| summaries.rb:44:8:44:8 | t :  | semmle.label | t :  |
+| summaries.rb:44:8:44:27 | call to matchedByNameRcv | semmle.label | call to matchedByNameRcv |
+| summaries.rb:48:8:48:42 | call to preserveTaint | semmle.label | call to preserveTaint |
+| summaries.rb:48:24:48:41 | call to source :  | semmle.label | call to source :  |
+| summaries.rb:51:6:51:31 | call to namedArg | semmle.label | call to namedArg |
+| summaries.rb:51:24:51:30 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:54:23:54:29 | tainted :  | semmle.label | tainted :  |
+| summaries.rb:54:40:54:40 | x :  | semmle.label | x :  |
+| summaries.rb:55:8:55:8 | x | semmle.label | x |
+| summaries.rb:62:8:62:54 | call to preserveTaint | semmle.label | call to preserveTaint |
+| summaries.rb:62:24:62:53 | call to source :  | semmle.label | call to source :  |
+| summaries.rb:65:8:65:57 | call to preserveTaint | semmle.label | call to preserveTaint |
+| summaries.rb:65:26:65:56 | call to source :  | semmle.label | call to source :  |
+subpaths
 invalidSpecComponent
 invalidOutputSpecComponent
+#select
+| summaries.rb:2:6:2:12 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:2:6:2:12 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:2:6:2:12 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:2:6:2:12 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:5:8:5:8 | x | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:5:8:5:8 | x | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:5:8:5:8 | x | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:5:8:5:8 | x | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:9:6:9:13 | tainted2 | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:9:6:9:13 | tainted2 | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:9:6:9:13 | tainted2 | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:9:6:9:13 | tainted2 | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:12:8:12:8 | x | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:12:8:12:8 | x | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:12:8:12:8 | x | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:12:8:12:8 | x | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:18:6:18:13 | tainted3 | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:18:6:18:13 | tainted3 | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:18:6:18:13 | tainted3 | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:18:6:18:13 | tainted3 | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:21:6:21:13 | tainted4 | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:21:6:21:13 | tainted4 | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:27:6:27:13 | tainted5 | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:27:6:27:13 | tainted5 | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:30:6:30:42 | call to onlyWithBlock | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:30:6:30:42 | call to onlyWithBlock | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:31:6:31:34 | call to onlyWithoutBlock | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:31:6:31:34 | call to onlyWithoutBlock | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:34:16:34:22 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:34:16:34:22 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:34:16:34:22 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:34:16:34:22 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:35:16:35:22 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:35:16:35:22 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:35:16:35:22 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:35:16:35:22 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:36:21:36:27 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:36:21:36:27 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:36:21:36:27 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:36:21:36:27 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:37:36:37:42 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:37:36:37:42 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:37:36:37:42 | tainted | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:37:36:37:42 | tainted | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:41:8:41:25 | call to matchedByName | summaries.rb:40:7:40:17 | call to source :  | summaries.rb:41:8:41:25 | call to matchedByName | $@ | summaries.rb:40:7:40:17 | call to source :  | call to source :  |
+| summaries.rb:42:8:42:25 | call to matchedByName | summaries.rb:40:7:40:17 | call to source :  | summaries.rb:42:8:42:25 | call to matchedByName | $@ | summaries.rb:40:7:40:17 | call to source :  | call to source :  |
+| summaries.rb:44:8:44:27 | call to matchedByNameRcv | summaries.rb:40:7:40:17 | call to source :  | summaries.rb:44:8:44:27 | call to matchedByNameRcv | $@ | summaries.rb:40:7:40:17 | call to source :  | call to source :  |
+| summaries.rb:48:8:48:42 | call to preserveTaint | summaries.rb:48:24:48:41 | call to source :  | summaries.rb:48:8:48:42 | call to preserveTaint | $@ | summaries.rb:48:24:48:41 | call to source :  | call to source :  |
+| summaries.rb:51:6:51:31 | call to namedArg | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:51:6:51:31 | call to namedArg | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:55:8:55:8 | x | summaries.rb:1:20:1:36 | call to source :  | summaries.rb:55:8:55:8 | x | $@ | summaries.rb:1:20:1:36 | call to source :  | call to source :  |
+| summaries.rb:62:8:62:54 | call to preserveTaint | summaries.rb:62:24:62:53 | call to source :  | summaries.rb:62:8:62:54 | call to preserveTaint | $@ | summaries.rb:62:24:62:53 | call to source :  | call to source :  |
+| summaries.rb:65:8:65:57 | call to preserveTaint | summaries.rb:65:26:65:56 | call to source :  | summaries.rb:65:8:65:57 | call to preserveTaint | $@ | summaries.rb:65:26:65:56 | call to source :  | call to source :  |
 warning
 | CSV type row should have 5 columns but has 2: test;TooFewColumns |
 | CSV type row should have 5 columns but has 8: test;TooManyColumns;;;Member[Foo].Instance;too;many;columns |
diff --git a/ruby/ql/test/library-tests/dataflow/summaries/Summaries.ql b/ruby/ql/test/library-tests/dataflow/summaries/Summaries.ql
@@ -9,6 +9,7 @@ import codeql.ruby.dataflow.internal.FlowSummaryImpl
 import codeql.ruby.dataflow.internal.AccessPathSyntax
 import codeql.ruby.frameworks.data.ModelsAsData
 import TestUtilities.InlineFlowTest
+import DataFlow::PathGraph
 
 query predicate invalidSpecComponent(SummarizedCallable sc, string s, string c) {
   (sc.propagatesFlowExt(s, _, _) or sc.propagatesFlowExt(_, s, _)) and
@@ -132,3 +133,7 @@ class CustomTaintSink extends DefaultTaintFlowConf {
     sink = ModelOutput::getASinkNode("test-sink").getARhs()
   }
 }
+
+from DataFlow::PathNode source, DataFlow::PathNode sink, DataFlow::Configuration conf
+where conf.hasFlowPath(source, sink)
+select sink, source, sink, "$@", source, source.toString()

Original file line number	Diff line number	Diff line change
`@@ -9,6 +9,7 @@ import codeql.ruby.dataflow.internal.FlowSummaryImpl`
`9`	`9`	`import codeql.ruby.dataflow.internal.AccessPathSyntax`
`10`	`10`	`import codeql.ruby.frameworks.data.ModelsAsData`
`11`	`11`	`import TestUtilities.InlineFlowTest`
	`12`	`+import DataFlow::PathGraph`
`12`	`13`
`13`	`14`	`query predicate invalidSpecComponent(SummarizedCallable sc, string s, string c) {`
`14`	`15`	`(sc.propagatesFlowExt(s, _, _) or sc.propagatesFlowExt(_, s, _)) and`
`@@ -132,3 +133,7 @@ class CustomTaintSink extends DefaultTaintFlowConf {`
`132`	`133`	`sink = ModelOutput::getASinkNode("test-sink").getARhs()`
`133`	`134`	`}`
`134`	`135`	`}`
	`136`	`+`
	`137`	`+from DataFlow::PathNode source, DataFlow::PathNode sink, DataFlow::Configuration conf`
	`138`	`+where conf.hasFlowPath(source, sink)`
	`139`	`+select sink, source, sink, "$@", source, source.toString()`