Skip to content

Commit a18aef2

Browse files
hvitvedhvitved
committed
Data flow: Do not discard call context when computing reverse lambda flow through jumps
1 parent ea703bc commit a18aef2

File tree

2 files changed

+2
-28
lines changed

2 files changed

+2
-28
lines changed

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -216,10 +216,9 @@ private module LambdaFlow {
216216
or
217217
// jump step
218218
exists(Node mid, DataFlowType t0 |
219-
revLambdaFlow(lambdaCall, kind, mid, t0, _, _, _) and
219+
revLambdaFlow(lambdaCall, kind, mid, t0, _, _, lastCall) and
220220
toReturn = false and
221-
toJump = true and
222-
lastCall = TDataFlowCallNone()
221+
toJump = true
223222
|
224223
jumpStepCached(node, mid) and
225224
t = t0

ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.expected

Lines changed: 0 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -6,26 +6,15 @@ edges
66
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
77
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
88
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
9-
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
10-
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
11-
| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
129
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:27:17:27:17 | x : |
1310
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:36:23:36:23 | x : |
1411
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
15-
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
16-
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
17-
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
18-
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
19-
| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
20-
| call_sensitivity.rb:25:25:25:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
2112
| call_sensitivity.rb:27:17:27:17 | x : | call_sensitivity.rb:27:27:27:27 | x |
2213
| call_sensitivity.rb:28:25:28:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
23-
| call_sensitivity.rb:34:25:34:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
2414
| call_sensitivity.rb:36:23:36:23 | x : | call_sensitivity.rb:36:31:36:31 | x |
2515
| call_sensitivity.rb:37:25:37:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
2616
| call_sensitivity.rb:39:24:39:24 | x : | call_sensitivity.rb:39:32:39:32 | x |
2717
| call_sensitivity.rb:40:26:40:32 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
28-
| call_sensitivity.rb:43:26:43:32 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
2918
nodes
3019
| call_sensitivity.rb:5:6:5:12 | "taint" | semmle.label | "taint" |
3120
| call_sensitivity.rb:7:13:7:13 | x : | semmle.label | x : |
@@ -36,36 +25,22 @@ nodes
3625
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
3726
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
3827
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
39-
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
40-
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
41-
| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
42-
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
43-
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
44-
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
4528
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
4629
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
4730
| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
48-
| call_sensitivity.rb:25:25:25:31 | "taint" : | semmle.label | "taint" : |
4931
| call_sensitivity.rb:27:17:27:17 | x : | semmle.label | x : |
5032
| call_sensitivity.rb:27:27:27:27 | x | semmle.label | x |
5133
| call_sensitivity.rb:28:25:28:31 | "taint" : | semmle.label | "taint" : |
52-
| call_sensitivity.rb:34:25:34:31 | "taint" : | semmle.label | "taint" : |
5334
| call_sensitivity.rb:36:23:36:23 | x : | semmle.label | x : |
5435
| call_sensitivity.rb:36:31:36:31 | x | semmle.label | x |
5536
| call_sensitivity.rb:37:25:37:31 | "taint" : | semmle.label | "taint" : |
5637
| call_sensitivity.rb:39:24:39:24 | x : | semmle.label | x : |
5738
| call_sensitivity.rb:39:32:39:32 | x | semmle.label | x |
5839
| call_sensitivity.rb:40:26:40:32 | "taint" : | semmle.label | "taint" : |
59-
| call_sensitivity.rb:43:26:43:32 | "taint" : | semmle.label | "taint" : |
6040
subpaths
6141
#select
6242
| call_sensitivity.rb:5:6:5:12 | "taint" | call_sensitivity.rb:5:6:5:12 | "taint" | call_sensitivity.rb:5:6:5:12 | "taint" | $@ | call_sensitivity.rb:5:6:5:12 | "taint" | "taint" |
6343
| call_sensitivity.rb:15:28:15:28 | x | call_sensitivity.rb:15:9:15:15 | "taint" : | call_sensitivity.rb:15:28:15:28 | x | $@ | call_sensitivity.rb:15:9:15:15 | "taint" : | "taint" : |
6444
| call_sensitivity.rb:27:27:27:27 | x | call_sensitivity.rb:28:25:28:31 | "taint" : | call_sensitivity.rb:27:27:27:27 | x | $@ | call_sensitivity.rb:28:25:28:31 | "taint" : | "taint" : |
6545
| call_sensitivity.rb:36:31:36:31 | x | call_sensitivity.rb:37:25:37:31 | "taint" : | call_sensitivity.rb:36:31:36:31 | x | $@ | call_sensitivity.rb:37:25:37:31 | "taint" : | "taint" : |
66-
| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:25:25:25:31 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:25:25:25:31 | "taint" : | "taint" : |
67-
| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:28:25:28:31 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:28:25:28:31 | "taint" : | "taint" : |
68-
| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:34:25:34:31 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:34:25:34:31 | "taint" : | "taint" : |
69-
| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:37:25:37:31 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:37:25:37:31 | "taint" : | "taint" : |
7046
| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:40:26:40:32 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:40:26:40:32 | "taint" : | "taint" : |
71-
| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:43:26:43:32 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:43:26:43:32 | "taint" : | "taint" : |

0 commit comments

Comments
 (0)