
Commit ea703bc

committed
Ruby: Add test that illustrates false negative lambda flow
1 parent 5e57e82 commit ea703bc


2 files changed

+40
-0
lines changed


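--- a/ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.expected
+++ b/ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.expected
@@ -5,12 +5,27 @@ edges
 | call_sensitivity.rb:15:20:15:20 | x : | call_sensitivity.rb:15:28:15:28 | x |
 | call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
 | call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
+| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
+| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
+| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
+| call_sensitivity.rb:17:27:17:27 | x : | call_sensitivity.rb:18:17:18:17 | x : |
 | call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:27:17:27:17 | x : |
 | call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:36:23:36:23 | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | call_sensitivity.rb:39:24:39:24 | x : |
+| call_sensitivity.rb:25:25:25:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
 | call_sensitivity.rb:27:17:27:17 | x : | call_sensitivity.rb:27:27:27:27 | x |
 | call_sensitivity.rb:28:25:28:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
+| call_sensitivity.rb:34:25:34:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
 | call_sensitivity.rb:36:23:36:23 | x : | call_sensitivity.rb:36:31:36:31 | x |
 | call_sensitivity.rb:37:25:37:31 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
+| call_sensitivity.rb:39:24:39:24 | x : | call_sensitivity.rb:39:32:39:32 | x |
+| call_sensitivity.rb:40:26:40:32 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
+| call_sensitivity.rb:43:26:43:32 | "taint" : | call_sensitivity.rb:17:27:17:27 | x : |
 nodes
 | call_sensitivity.rb:5:6:5:12 | "taint" | semmle.label | "taint" |
 | call_sensitivity.rb:7:13:7:13 | x : | semmle.label | x : |
@@ -20,17 +35,37 @@ nodes
 | call_sensitivity.rb:15:28:15:28 | x | semmle.label | x |
 | call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
 | call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
+| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
+| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
+| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
+| call_sensitivity.rb:17:27:17:27 | x : | semmle.label | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
+| call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
 | call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
 | call_sensitivity.rb:18:17:18:17 | x : | semmle.label | x : |
+| call_sensitivity.rb:25:25:25:31 | "taint" : | semmle.label | "taint" : |
 | call_sensitivity.rb:27:17:27:17 | x : | semmle.label | x : |
 | call_sensitivity.rb:27:27:27:27 | x | semmle.label | x |
 | call_sensitivity.rb:28:25:28:31 | "taint" : | semmle.label | "taint" : |
+| call_sensitivity.rb:34:25:34:31 | "taint" : | semmle.label | "taint" : |
 | call_sensitivity.rb:36:23:36:23 | x : | semmle.label | x : |
 | call_sensitivity.rb:36:31:36:31 | x | semmle.label | x |
 | call_sensitivity.rb:37:25:37:31 | "taint" : | semmle.label | "taint" : |
+| call_sensitivity.rb:39:24:39:24 | x : | semmle.label | x : |
+| call_sensitivity.rb:39:32:39:32 | x | semmle.label | x |
+| call_sensitivity.rb:40:26:40:32 | "taint" : | semmle.label | "taint" : |
+| call_sensitivity.rb:43:26:43:32 | "taint" : | semmle.label | "taint" : |
 subpaths
 #select
 | call_sensitivity.rb:5:6:5:12 | "taint" | call_sensitivity.rb:5:6:5:12 | "taint" | call_sensitivity.rb:5:6:5:12 | "taint" | $@ | call_sensitivity.rb:5:6:5:12 | "taint" | "taint" |
 | call_sensitivity.rb:15:28:15:28 | x | call_sensitivity.rb:15:9:15:15 | "taint" : | call_sensitivity.rb:15:28:15:28 | x | $@ | call_sensitivity.rb:15:9:15:15 | "taint" : | "taint" : |
 | call_sensitivity.rb:27:27:27:27 | x | call_sensitivity.rb:28:25:28:31 | "taint" : | call_sensitivity.rb:27:27:27:27 | x | $@ | call_sensitivity.rb:28:25:28:31 | "taint" : | "taint" : |
 | call_sensitivity.rb:36:31:36:31 | x | call_sensitivity.rb:37:25:37:31 | "taint" : | call_sensitivity.rb:36:31:36:31 | x | $@ | call_sensitivity.rb:37:25:37:31 | "taint" : | "taint" : |
+| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:25:25:25:31 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:25:25:25:31 | "taint" : | "taint" : |
+| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:28:25:28:31 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:28:25:28:31 | "taint" : | "taint" : |
+| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:34:25:34:31 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:34:25:34:31 | "taint" : | "taint" : |
+| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:37:25:37:31 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:37:25:37:31 | "taint" : | "taint" : |
+| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:40:26:40:32 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:40:26:40:32 | "taint" : | "taint" : |
+| call_sensitivity.rb:39:32:39:32 | x | call_sensitivity.rb:43:26:43:32 | "taint" : | call_sensitivity.rb:39:32:39:32 | x | $@ | call_sensitivity.rb:43:26:43:32 | "taint" : | "taint" : |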

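--- a/ruby/ql/test/library-tests/dataflow/call-sensitivity/call_sensitivity.rb
+++ b/ruby/ql/test/library-tests/dataflow/call-sensitivity/call_sensitivity.rb
@@ -36,3 +36,8 @@ def apply_lambda (lambda, x)
 my_lambda = lambda { |x| sink x }
 apply_lambda(my_lambda, "taint") # flow
 
+MY_LAMBDA1 = lambda { |x| sink x }
+apply_lambda(MY_LAMBDA1, "taint") # flow
+
+MY_LAMBDA2 = lambda { |x| puts x }
+apply_lambda(MY_LAMBDA2, "taint") # no flow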
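Review bot: The `# no flow` comment on new line 43 disagrees with what the baseline records: `call-sensitivity.expected` now lists `call_sensitivity.rb:43:26:43:32` (and the `"taint"` literals on lines 25, 28, 34 and 37) as sources reaching the sink at `39:32` inside `MY_LAMBDA1`. That looks like call sensitivity being lost for constant-bound lambdas, i.e. spurious results, while the commit title speaks of a false negative, so please confirm which is meant. Because a taint-tracking baseline that contains known-wrong rows is easy to mistake for intended behaviour, say so in the test itself, e.g. `# no flow; currently reported as reaching the sink in MY_LAMBDA1 (spurious)` on line 43 and a matching note on line 39. The definition of `apply_lambda` and the call sites on lines 25–34 are outside this hunk.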
