Skip to content

Commit 49488fa

Browse files
committed
Ruby: Fix bad join in ActionControllerHelperMethod
``` [2022-01-25 12:35:14] (234s) Tuple counts for ActionController::ActionControllerHelperMethod#class#ff/2@ef816fil after 1.5s: 7685 ~0% {3} r1 = JOIN ActionController::ActionControllerContextCall#ff#shared WITH Method::Method::getName_dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'controllerClass', Lhs.0 'this' 13198 ~0% {3} r2 = JOIN r1 WITH Constant::ConstantValue::getStringOrSymbol_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'controllerClass', Lhs.2 'this', Rhs.1 15835365 ~4% {5} r3 = JOIN r2 WITH AST::AstNode::getEnclosingModule_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, "helper_method", Lhs.0 'controllerClass', Lhs.1 'this', Lhs.2 12943 ~1% {4} r4 = JOIN r3 WITH Call::MethodCall::getMethodName_dispred#ff ON FIRST 2 OUTPUT Lhs.4, Lhs.2 'controllerClass', Lhs.3 'this', Lhs.0 1146184 ~0% {4} r5 = JOIN r4 WITH Expr::Expr::getConstantValue_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.3, Rhs.1, Lhs.1 'controllerClass', Lhs.2 'this' 212 ~0% {2} r6 = JOIN r5 WITH project#Call::Call::getArgument_dispred#fff ON FIRST 2 OUTPUT Lhs.3 'this', Lhs.2 'controllerClass' return r6 ``` Joining on enclosing module and name simultaneously yields a much better join.
1 parent 26d9848 commit 49488fa

File tree

1 file changed

+18
-5
lines changed

1 file changed

+18
-5
lines changed

ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll

Lines changed: 18 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -202,6 +202,21 @@ class ActionControllerRedirectResponse extends HTTP::Server::HttpRedirectRespons
202202
}
203203
}
204204

205+
pragma[nomagic]
206+
private predicate isActionControllerMethod(Method m, string name, ActionControllerControllerClass c) {
207+
m.getName() = name and
208+
m.getEnclosingModule() = c
209+
}
210+
211+
pragma[nomagic]
212+
private predicate actionControllerHasHelperMethodCall(ActionControllerControllerClass c, string name) {
213+
exists(MethodCall mc |
214+
mc.getMethodName() = "helper_method" and
215+
mc.getAnArgument().getConstantValue().isStringOrSymbol(name) and
216+
mc.getEnclosingModule() = c
217+
)
218+
}
219+
205220
/**
206221
* A method in an `ActionController` class that is accessible from within a
207222
* Rails view as a helper method. For instance, in:
@@ -222,11 +237,9 @@ class ActionControllerHelperMethod extends Method {
222237
private ActionControllerControllerClass controllerClass;
223238

224239
ActionControllerHelperMethod() {
225-
this.getEnclosingModule() = controllerClass and
226-
exists(MethodCall helperMethodMarker |
227-
helperMethodMarker.getMethodName() = "helper_method" and
228-
helperMethodMarker.getAnArgument().getConstantValue().isStringOrSymbol(this.getName()) and
229-
helperMethodMarker.getEnclosingModule() = controllerClass
240+
exists(string name |
241+
isActionControllerMethod(this, name, controllerClass) and
242+
actionControllerHasHelperMethodCall(controllerClass, name)
230243
)
231244
}
232245

0 commit comments

Comments
 (0)