
Commit 2f7b946

committed
Ruby: add sources on request object of Rails
1 parent 7a7e033 commit 2f7b946


4 files changed

+68
-47
lines changed

4 files changed

+68
-47
lines changed

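--- a/ruby/ql/lib/codeql/ruby/frameworks/actiondispatch/internal/Request.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/actiondispatch/internal/Request.qll
@@ -38,8 +38,8 @@ module Request {
 ParametersCall() {
 this.getMethodName() =
 [
-"parameters", "params", "GET", "POST", "query_parameters", "request_parameters",
-"filtered_parameters"
+"parameters", "params", "[]", "GET", "POST", "query_parameters", "request_parameters",
+"filtered_parameters", "query_string"
 ]
 }
 
@@ -64,7 +64,7 @@ module Request {
 this.getMethodName() =
 [
 "authorization", "script_name", "path_info", "user_agent", "referer", "referrer",
-"host_authority", "content_type", "host", "hostname", "accept_encoding",
+"headers", "cookies", "cookie_jar", "content_type", "accept", "accept_encoding",
 "accept_language", "if_none_match", "if_none_match_etags", "content_mime_type"
 ]
 or
@@ -86,8 +86,9 @@ module Request {
 HostCall() {
 this.getMethodName() =
 [
-"authority", "host", "host_authority", "host_with_port", "hostname", "forwarded_for",
-"forwarded_host", "port", "forwarded_port"
+"authority", "host", "host_authority", "host_with_port", "raw_host_with_port", "hostname",
+"forwarded_for", "forwarded_host", "port", "forwarded_port", "port_string", "domain",
+"subdomain", "subdomains"
 ]
 }
 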
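Review bot: In the second hunk (new line 67) `headers`, `cookies` and `cookie_jar` differ from the other names in that list: they return a container rather than the attacker-controlled string, so the source node is the whole container and whether a later `[]`/`fetch` on it yields a tainted value depends on element-read taint steps defined elsewhere in the library, which this commit neither touches nor tests. The class that owns that hunk starts outside the hunk, so its QLDoc is not visible here; if it does not already say so, a sentence such as `Calls to headers, cookies and cookie_jar return a container; values read out of it are expected to inherit taint via the generic element-read steps.` would tell the next reader why a container call is listed as a source. The same reasoning applies to the new `"[]"` entry in `ParametersCall` (first hunk, line 41), which marks `request[key]` itself as the source rather than the parameters hash it reads from.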

Lines changed: 4 additions & 0 deletions
@@ -0,0 +1,4 @@
1+
---
2+
category: minorAnalysis
3+
---
4+
* Added additional request sources for Ruby on Rails.

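--- a/ruby/ql/test/library-tests/frameworks/action_controller/ActionController.expected
+++ b/ruby/ql/test/library-tests/frameworks/action_controller/ActionController.expected
@@ -11,7 +11,7 @@ actionControllerControllerClasses
 | filter_flow.rb:42:1:57:3 | ThreeController |
 | filter_flow.rb:59:1:73:3 | FourController |
 | filter_flow.rb:75:1:93:3 | FiveController |
-| input_access.rb:1:1:50:3 | UsersController |
+| input_access.rb:1:1:58:3 | UsersController |
 | params_flow.rb:1:1:162:3 | MyController |
 | params_flow.rb:170:1:178:3 | Subclass |
 actionControllerActionMethods
@@ -48,7 +48,7 @@ actionControllerActionMethods
 | filter_flow.rb:83:3:84:5 | b |
 | filter_flow.rb:86:3:88:5 | c |
 | filter_flow.rb:90:3:92:5 | taint_foo |
-| input_access.rb:2:3:49:5 | index |
+| input_access.rb:2:3:57:5 | index |
 | logging.rb:2:5:8:7 | index |
 | params_flow.rb:2:3:4:5 | m1 |
 | params_flow.rb:6:3:8:5 | m2 |
@@ -230,43 +230,51 @@ httpInputAccesses
 | filter_flow.rb:91:12:91:17 | call to params | ActionController::Metal#params |
 | input_access.rb:3:5:3:18 | call to params | ActionDispatch::Request#params |
 | input_access.rb:4:5:4:22 | call to parameters | ActionDispatch::Request#parameters |
-| input_access.rb:5:5:5:15 | call to GET | ActionDispatch::Request#GET |
-| input_access.rb:6:5:6:16 | call to POST | ActionDispatch::Request#POST |
-| input_access.rb:7:5:7:28 | call to query_parameters | ActionDispatch::Request#query_parameters |
-| input_access.rb:8:5:8:30 | call to request_parameters | ActionDispatch::Request#request_parameters |
-| input_access.rb:9:5:9:31 | call to filtered_parameters | ActionDispatch::Request#filtered_parameters |
-| input_access.rb:11:5:11:25 | call to authorization | ActionDispatch::Request#authorization |
-| input_access.rb:12:5:12:23 | call to script_name | ActionDispatch::Request#script_name |
-| input_access.rb:13:5:13:21 | call to path_info | ActionDispatch::Request#path_info |
-| input_access.rb:14:5:14:22 | call to user_agent | ActionDispatch::Request#user_agent |
-| input_access.rb:15:5:15:19 | call to referer | ActionDispatch::Request#referer |
-| input_access.rb:16:5:16:20 | call to referrer | ActionDispatch::Request#referrer |
-| input_access.rb:17:5:17:26 | call to host_authority | ActionDispatch::Request#host_authority |
-| input_access.rb:18:5:18:24 | call to content_type | ActionDispatch::Request#content_type |
-| input_access.rb:19:5:19:16 | call to host | ActionDispatch::Request#host |
-| input_access.rb:20:5:20:20 | call to hostname | ActionDispatch::Request#hostname |
-| input_access.rb:21:5:21:27 | call to accept_encoding | ActionDispatch::Request#accept_encoding |
-| input_access.rb:22:5:22:27 | call to accept_language | ActionDispatch::Request#accept_language |
-| input_access.rb:23:5:23:25 | call to if_none_match | ActionDispatch::Request#if_none_match |
-| input_access.rb:24:5:24:31 | call to if_none_match_etags | ActionDispatch::Request#if_none_match_etags |
-| input_access.rb:25:5:25:29 | call to content_mime_type | ActionDispatch::Request#content_mime_type |
-| input_access.rb:27:5:27:21 | call to authority | ActionDispatch::Request#authority |
-| input_access.rb:28:5:28:16 | call to host | ActionDispatch::Request#host |
-| input_access.rb:29:5:29:26 | call to host_authority | ActionDispatch::Request#host_authority |
-| input_access.rb:30:5:30:26 | call to host_with_port | ActionDispatch::Request#host_with_port |
-| input_access.rb:31:5:31:20 | call to hostname | ActionDispatch::Request#hostname |
-| input_access.rb:32:5:32:25 | call to forwarded_for | ActionDispatch::Request#forwarded_for |
-| input_access.rb:33:5:33:26 | call to forwarded_host | ActionDispatch::Request#forwarded_host |
-| input_access.rb:34:5:34:16 | call to port | ActionDispatch::Request#port |
-| input_access.rb:35:5:35:26 | call to forwarded_port | ActionDispatch::Request#forwarded_port |
-| input_access.rb:37:5:37:22 | call to media_type | ActionDispatch::Request#media_type |
-| input_access.rb:38:5:38:29 | call to media_type_params | ActionDispatch::Request#media_type_params |
-| input_access.rb:39:5:39:27 | call to content_charset | ActionDispatch::Request#content_charset |
-| input_access.rb:40:5:40:20 | call to base_url | ActionDispatch::Request#base_url |
-| input_access.rb:42:5:42:16 | call to body | ActionDispatch::Request#body |
-| input_access.rb:43:5:43:20 | call to raw_post | ActionDispatch::Request#raw_post |
-| input_access.rb:45:5:45:30 | ...[...] | ActionDispatch::Request#env[] |
-| input_access.rb:47:5:47:39 | ...[...] | ActionDispatch::Request#env[] |
+| input_access.rb:5:5:5:29 | ...[...] | ActionDispatch::Request#[] |
+| input_access.rb:6:5:6:15 | call to GET | ActionDispatch::Request#GET |
+| input_access.rb:7:5:7:16 | call to POST | ActionDispatch::Request#POST |
+| input_access.rb:8:5:8:28 | call to query_parameters | ActionDispatch::Request#query_parameters |
+| input_access.rb:9:5:9:30 | call to request_parameters | ActionDispatch::Request#request_parameters |
+| input_access.rb:10:5:10:31 | call to filtered_parameters | ActionDispatch::Request#filtered_parameters |
+| input_access.rb:11:5:11:24 | call to query_string | ActionDispatch::Request#query_string |
+| input_access.rb:13:5:13:25 | call to authorization | ActionDispatch::Request#authorization |
+| input_access.rb:14:5:14:23 | call to script_name | ActionDispatch::Request#script_name |
+| input_access.rb:15:5:15:21 | call to path_info | ActionDispatch::Request#path_info |
+| input_access.rb:16:5:16:22 | call to user_agent | ActionDispatch::Request#user_agent |
+| input_access.rb:17:5:17:19 | call to referer | ActionDispatch::Request#referer |
+| input_access.rb:18:5:18:20 | call to referrer | ActionDispatch::Request#referrer |
+| input_access.rb:19:5:19:19 | call to headers | ActionDispatch::Request#headers |
+| input_access.rb:20:5:20:19 | call to cookies | ActionDispatch::Request#cookies |
+| input_access.rb:21:5:21:22 | call to cookie_jar | ActionDispatch::Request#cookie_jar |
+| input_access.rb:22:5:22:24 | call to content_type | ActionDispatch::Request#content_type |
+| input_access.rb:23:5:23:18 | call to accept | ActionDispatch::Request#accept |
+| input_access.rb:24:5:24:27 | call to accept_encoding | ActionDispatch::Request#accept_encoding |
+| input_access.rb:25:5:25:27 | call to accept_language | ActionDispatch::Request#accept_language |
+| input_access.rb:26:5:26:25 | call to if_none_match | ActionDispatch::Request#if_none_match |
+| input_access.rb:27:5:27:31 | call to if_none_match_etags | ActionDispatch::Request#if_none_match_etags |
+| input_access.rb:28:5:28:29 | call to content_mime_type | ActionDispatch::Request#content_mime_type |
+| input_access.rb:30:5:30:21 | call to authority | ActionDispatch::Request#authority |
+| input_access.rb:31:5:31:16 | call to host | ActionDispatch::Request#host |
+| input_access.rb:32:5:32:26 | call to host_authority | ActionDispatch::Request#host_authority |
+| input_access.rb:33:5:33:26 | call to host_with_port | ActionDispatch::Request#host_with_port |
+| input_access.rb:34:5:34:30 | call to raw_host_with_port | ActionDispatch::Request#raw_host_with_port |
+| input_access.rb:35:5:35:20 | call to hostname | ActionDispatch::Request#hostname |
+| input_access.rb:36:5:36:25 | call to forwarded_for | ActionDispatch::Request#forwarded_for |
+| input_access.rb:37:5:37:26 | call to forwarded_host | ActionDispatch::Request#forwarded_host |
+| input_access.rb:38:5:38:16 | call to port | ActionDispatch::Request#port |
+| input_access.rb:39:5:39:26 | call to forwarded_port | ActionDispatch::Request#forwarded_port |
+| input_access.rb:40:5:40:23 | call to port_string | ActionDispatch::Request#port_string |
+| input_access.rb:41:5:41:18 | call to domain | ActionDispatch::Request#domain |
+| input_access.rb:42:5:42:21 | call to subdomain | ActionDispatch::Request#subdomain |
+| input_access.rb:43:5:43:22 | call to subdomains | ActionDispatch::Request#subdomains |
+| input_access.rb:45:5:45:22 | call to media_type | ActionDispatch::Request#media_type |
+| input_access.rb:46:5:46:29 | call to media_type_params | ActionDispatch::Request#media_type_params |
+| input_access.rb:47:5:47:27 | call to content_charset | ActionDispatch::Request#content_charset |
+| input_access.rb:48:5:48:20 | call to base_url | ActionDispatch::Request#base_url |
+| input_access.rb:50:5:50:16 | call to body | ActionDispatch::Request#body |
+| input_access.rb:51:5:51:20 | call to raw_post | ActionDispatch::Request#raw_post |
+| input_access.rb:53:5:53:30 | ...[...] | ActionDispatch::Request#env[] |
+| input_access.rb:55:5:55:39 | ...[...] | ActionDispatch::Request#env[] |
 | logging.rb:5:22:5:35 | call to params | ActionDispatch::Request#params |
 | params_flow.rb:3:10:3:15 | call to params | ActionController::Metal#params |
 | params_flow.rb:7:10:7:15 | call to params | ActionController::Metal#params |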

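--- a/ruby/ql/test/library-tests/frameworks/action_controller/input_access.rb
+++ b/ruby/ql/test/library-tests/frameworks/action_controller/input_access.rb
@@ -2,22 +2,25 @@ class UsersController < ActionController::Base
 def index
 request.params
 request.parameters
+request["parameter_name"]
 request.GET
 request.POST
 request.query_parameters
 request.request_parameters
 request.filtered_parameters
+request.query_string
 
 request.authorization
 request.script_name
 request.path_info
 request.user_agent
 request.referer
 request.referrer
-request.host_authority
+request.headers
+request.cookies
+request.cookie_jar
 request.content_type
-request.host
-request.hostname
+request.accept
 request.accept_encoding
 request.accept_language
 request.if_none_match
@@ -28,11 +31,16 @@ def index
 request.host
 request.host_authority
 request.host_with_port
+request.raw_host_with_port
 request.hostname
 request.forwarded_for
 request.forwarded_host
 request.port
 request.forwarded_port
+request.port_string
+request.domain
+request.subdomain
+request.subdomains
 
 request.media_type
 request.media_type_params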
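Review bot: The added lines in the first hunk exercise only the bare calls `request.headers`, `request.cookies`, `request.cookie_jar` and `request["parameter_name"]`, so the expected output pins that each call is recognised as an input access but nothing reads a value out of the three container-returning ones. One indexed read next to each, e.g. `request.headers["X-Custom-Header"]` and `request.cookies["session"]`, would make the expected file show whether the element read is reported on its own or only the container call is, which is the case a query author cares about when the value is what reaches a sink. The `index` method continues past the end of the second hunk.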
