Ruby: Attempt to fix performance of AppCandidate

hmac · hmac · commit 21ce9b448ac7 · 2023-01-23T15:25:52.000+13:00
`DataFlow::MethodNode.getAReturningNode` is expensive to compute.
Instead we look for rack responses which flow to the `SynthReturnNode`.
Each method has only one of these (vs many "returning" nodes) so it is
a lot faster.
I'm not sure yet whether the results are the same.
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Rack.qll b/ruby/ql/lib/codeql/ruby/frameworks/Rack.qll
@@ -20,7 +20,7 @@ module Rack {
     AppCandidate() {
       call = this.getInstanceMethod("call") and
       call.getNumberOfParameters() = 1 and
-      isRackResponse(call.getAReturningNode())
+      exists(DataFlow::LocalSourceNode resp | isRackResponse(resp) | resp.flowsTo(call.getReturn()))
     }
 
     /**

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ module Rack {`
`20`	`20`	`AppCandidate() {`
`21`	`21`	`call = this.getInstanceMethod("call") and`
`22`	`22`	`call.getNumberOfParameters() = 1 and`
`23`		`- isRackResponse(call.getAReturningNode())`
	`23`	`+ exists(DataFlow::LocalSourceNode resp \| isRackResponse(resp) \| resp.flowsTo(call.getReturn()))`
`24`	`24`	`}`
`25`	`25`
`26`	`26`	`/**`