Ruby: Adopt shared SSA data-flow integration

github · Jul 10, 2024 · 5ccc46d · 5ccc46d
1 parent 7928d75
commit 5ccc46d
Show file tree

Hide file tree

Showing 7 changed files with 283 additions and 334 deletions.
diff --git a/ruby/ql/lib/codeql/ruby/controlflow/internal/Guards.qll b/ruby/ql/lib/codeql/ruby/controlflow/internal/Guards.qll
@@ -0,0 +1,11 @@
+private import codeql.ruby.CFG
+
+/** Holds if the guard `guard` controls block `bb` upon evaluating to `branch`. */
+pragma[nomagic]
+predicate guardControlsBlock(CfgNodes::AstCfgNode guard, BasicBlock bb, boolean branch) {
+  exists(ConditionBlock conditionBlock, SuccessorTypes::ConditionalSuccessor s |
+    guard = conditionBlock.getLastNode() and
+    s.getValue() = branch and
+    conditionBlock.controls(bb, s)
+  )
+}
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/SSA.qll b/ruby/ql/lib/codeql/ruby/dataflow/SSA.qll
@@ -202,15 +202,32 @@ module Ssa {
     final VariableWriteAccessCfgNode getWriteAccess() { result = write }
 
     /**
-     * Holds if this SSA definition represents a direct assignment of `value`
-     * to the underlying variable.
+     * Holds if this SSA definition assigns `value` to the underlying variable.
+     *
+     * This is either a direct assignment, `x = value`, or an assignment via
+     * simple pattern matching
+     *
+     * ```rb
+     * case value
+     *  in Foo => x then ...
+     *  in y => then ...
+     * end
+     * ```
      */
     predicate assigns(CfgNodes::ExprCfgNode value) {
       exists(CfgNodes::ExprNodes::AssignExprCfgNode a, BasicBlock bb, int i |
         this.definesAt(_, bb, i) and
         a = bb.getNode(i) and
         value = a.getRhs()
       )
+      or
+      exists(CfgNodes::ExprNodes::CaseExprCfgNode case, CfgNodes::AstCfgNode pattern |
+        case.getValue() = value and
+        pattern = case.getBranch(_).(CfgNodes::ExprNodes::InClauseCfgNode).getPattern()
+      |
+        this.getWriteAccess() =
+          [pattern, pattern.(CfgNodes::ExprNodes::AsPatternCfgNode).getVariableAccess()]
+      )
     }
 
     final override string toString() { result = write.toString() }

diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll
@@ -1093,8 +1093,7 @@ private module TrackSingletonMethodOnInstanceInput implements CallGraphConstruct
         singletonMethodOnInstance(_, _, nodeFromPreExpr.getExpr())
       )
     |
-      nodeFromPreExpr =
-        LocalFlow::getParameterDefNode(p.getParameter()).getDefinitionExt().getARead()
+      nodeFromPreExpr = getParameterDef(p.getParameter()).getARead()
       or
       nodeFromPreExpr = p.(SelfParameterNodeImpl).getSelfDefinition().getARead()
     )