Ruby: matchesEmptyString -> isNullable

hmac · hmac · commit 6bb24f9d7cf0 · 2022-08-17T16:02:48.000+12:00
Rename RegExpLiteral.matchesEmptyString to isNullable, to match the JS
version.
diff --git a/ruby/ql/lib/codeql/ruby/regexp/RegExpTreeView.qll b/ruby/ql/lib/codeql/ruby/regexp/RegExpTreeView.qll
@@ -270,7 +270,7 @@ class RegExpTerm extends RegExpParent {
   override string getAPrimaryQlClass() { result = "RegExpTerm" }
 
   /** Holds if this regular expression term can match the empty string. */
-  predicate matchesEmptyString() { none() }
+  predicate isNullable() { none() }
 
   /** Gets a string matched by this regular expression. */
   string getAMatch() { none() }
@@ -333,7 +333,7 @@ class RegExpStar extends InfiniteRepetitionQuantifier {
 
   override string getAPrimaryQlClass() { result = "RegExpStar" }
 
-  override predicate matchesEmptyString() { any() }
+  override predicate isNullable() { any() }
 }
 
 /**
@@ -350,7 +350,7 @@ class RegExpPlus extends InfiniteRepetitionQuantifier {
 
   override string getAPrimaryQlClass() { result = "RegExpPlus" }
 
-  override predicate matchesEmptyString() { this.getAChild().matchesEmptyString() }
+  override predicate isNullable() { this.getAChild().isNullable() }
 }
 
 /**
@@ -367,7 +367,7 @@ class RegExpOpt extends RegExpQuantifier {
 
   override string getAPrimaryQlClass() { result = "RegExpOpt" }
 
-  override predicate matchesEmptyString() { any() }
+  override predicate isNullable() { any() }
 }
 
 /**
@@ -407,9 +407,7 @@ class RegExpRange extends RegExpQuantifier {
   /** Gets the lower bound of the range. */
   int getLowerBound() { result = this.getLower().toInt() }
 
-  override predicate matchesEmptyString() {
-    this.getAChild().matchesEmptyString() or this.getLowerBound() = 0
-  }
+  override predicate isNullable() { this.getAChild().isNullable() or this.getLowerBound() = 0 }
 }
 
 /**
@@ -457,8 +455,8 @@ class RegExpSequence extends RegExpTerm, TRegExpSequence {
 
   override string getAPrimaryQlClass() { result = "RegExpSequence" }
 
-  override predicate matchesEmptyString() {
-    forall(RegExpTerm child | child = this.getAChild() | child.matchesEmptyString())
+  override predicate isNullable() {
+    forall(RegExpTerm child | child = this.getAChild() | child.isNullable())
   }
 
   // Why can't we use concat(...) with language[monotonicAggregates] here instead?
@@ -540,7 +538,7 @@ class RegExpAlt extends RegExpTerm, TRegExpAlt {
 
   override string getAPrimaryQlClass() { result = "RegExpAlt" }
 
-  override predicate matchesEmptyString() { this.getAChild().matchesEmptyString() }
+  override predicate isNullable() { this.getAChild().isNullable() }
 }
 
 class RegExpCharEscape = RegExpEscape;
@@ -616,7 +614,7 @@ class RegExpEscape extends RegExpNormalChar {
 class RegExpWordBoundary extends RegExpSpecialChar {
   RegExpWordBoundary() { this.getChar() = "\\b" }
 
-  override predicate matchesEmptyString() { none() }
+  override predicate isNullable() { none() }
 }
 
 /**
@@ -646,7 +644,7 @@ class RegExpCharacterClassEscape extends RegExpEscape {
 
   override string getAPrimaryQlClass() { result = "RegExpCharacterClassEscape" }
 
-  override predicate matchesEmptyString() { none() }
+  override predicate isNullable() { none() }
 }
 
 /**
@@ -704,7 +702,7 @@ class RegExpCharacterClass extends RegExpTerm, TRegExpCharacterClass {
 
   override string getAPrimaryQlClass() { result = "RegExpCharacterClass" }
 
-  override predicate matchesEmptyString() { none() }
+  override predicate isNullable() { none() }
 
   override string getAMatch() { not this.isInverted() and result = this.getAChild().getAMatch() }
 }
@@ -747,7 +745,7 @@ class RegExpCharacterRange extends RegExpTerm, TRegExpCharacterRange {
 
   override string getAPrimaryQlClass() { result = "RegExpCharacterRange" }
 
-  override predicate matchesEmptyString() { none() }
+  override predicate isNullable() { none() }
 }
 
 /**
@@ -820,7 +818,7 @@ class RegExpConstant extends RegExpTerm {
 
   override string getAPrimaryQlClass() { result = "RegExpConstant" }
 
-  override predicate matchesEmptyString() { none() }
+  override predicate isNullable() { none() }
 
   override string getAMatch() { result = this.getValue() }
 }
@@ -871,7 +869,7 @@ class RegExpGroup extends RegExpTerm, TRegExpGroup {
 
   override string getAPrimaryQlClass() { result = "RegExpGroup" }
 
-  override predicate matchesEmptyString() { this.getAChild().matchesEmptyString() }
+  override predicate isNullable() { this.getAChild().isNullable() }
 
   override string getAMatch() { result = this.getAChild().getAMatch() }
 }
@@ -922,7 +920,7 @@ class RegExpDot extends RegExpSpecialChar {
 
   override string getAPrimaryQlClass() { result = "RegExpDot" }
 
-  override predicate matchesEmptyString() { none() }
+  override predicate isNullable() { none() }
 }
 
 /**
@@ -954,7 +952,7 @@ class RegExpDollar extends RegExpAnchor {
 
   override string getAPrimaryQlClass() { result = "RegExpDollar" }
 
-  override predicate matchesEmptyString() { any() }
+  override predicate isNullable() { any() }
 }
 
 /**
@@ -971,7 +969,7 @@ class RegExpCaret extends RegExpAnchor {
 
   override string getAPrimaryQlClass() { result = "RegExpCaret" }
 
-  override predicate matchesEmptyString() { any() }
+  override predicate isNullable() { any() }
 }
 
 /**
@@ -990,7 +988,7 @@ class RegExpZeroWidthMatch extends RegExpGroup {
 
   override string getAPrimaryQlClass() { result = "RegExpZeroWidthMatch" }
 
-  override predicate matchesEmptyString() { any() }
+  override predicate isNullable() { any() }
 }
 
 /**
@@ -1017,7 +1015,7 @@ class RegExpSubPattern extends RegExpZeroWidthMatch {
     )
   }
 
-  override predicate matchesEmptyString() { any() }
+  override predicate isNullable() { any() }
 }
 
 /**
@@ -1046,7 +1044,7 @@ class RegExpPositiveLookahead extends RegExpLookahead {
 
   override string getAPrimaryQlClass() { result = "RegExpPositiveLookahead" }
 
-  override predicate matchesEmptyString() { any() }
+  override predicate isNullable() { any() }
 }
 
 /**
@@ -1143,7 +1141,7 @@ class RegExpBackRef extends RegExpTerm, TRegExpBackRef {
 
   override string getAPrimaryQlClass() { result = "RegExpBackRef" }
 
-  override predicate matchesEmptyString() { this.getGroup().matchesEmptyString() }
+  override predicate isNullable() { this.getGroup().isNullable() }
 }
 
 /**
diff --git a/ruby/ql/lib/codeql/ruby/security/IncompleteMultiCharacterSanitizationQuery.qll b/ruby/ql/lib/codeql/ruby/security/IncompleteMultiCharacterSanitizationQuery.qll
@@ -53,14 +53,12 @@ private class DangerousPrefixSubstring extends string {
  */
 private DangerousPrefix getADangerousMatchedPrefix(EmptyReplaceRegExpTerm t) {
   result = getADangerousMatchedPrefixSubstring(t) and
-  not exists(EmptyReplaceRegExpTerm pred |
-    pred = t.getPredecessor+() and not pred.matchesEmptyString()
-  )
+  not exists(EmptyReplaceRegExpTerm pred | pred = t.getPredecessor+() and not pred.isNullable())
 }
 
 pragma[noinline]
 private DangerousPrefixSubstring getADangerousMatchedChar(EmptyReplaceRegExpTerm t) {
-  t.matchesEmptyString() and result = ""
+  t.isNullable() and result = ""
   or
   result = t.getAMatch()
   or
@@ -191,15 +189,15 @@ predicate hasResult(
     replace = regexp.getCall() and
     dangerous.getRootTerm() = regexp and
     // skip leading optional elements
-    not dangerous.matchesEmptyString() and
+    not dangerous.isNullable() and
     // only warn about the longest match
     prefix = max(string m | matchesDangerousPrefix(dangerous, m, kind) | m order by m.length(), m) and
     // only warn once per kind
     not exists(EmptyReplaceRegExpTerm other |
       other = dangerous.getAChild+() or other = dangerous.getPredecessor+()
     |
       matchesDangerousPrefix(other, _, kind) and
-      not other.matchesEmptyString()
+      not other.isNullable()
     ) and
     not exists(RETV::RegExpCaret c | regexp = c.getRootTerm()) and
     not exists(RETV::RegExpDollar d | regexp = d.getRootTerm()) and

Original file line number	Diff line number	Diff line change
`@@ -270,7 +270,7 @@ class RegExpTerm extends RegExpParent {`
`270`	`270`	`override string getAPrimaryQlClass() { result = "RegExpTerm" }`
`271`	`271`
`272`	`272`	`/** Holds if this regular expression term can match the empty string. */`
`273`		`- predicate matchesEmptyString() { none() }`
	`273`	`+ predicate isNullable() { none() }`
`274`	`274`
`275`	`275`	`/** Gets a string matched by this regular expression. */`
`276`	`276`	`string getAMatch() { none() }`
`@@ -333,7 +333,7 @@ class RegExpStar extends InfiniteRepetitionQuantifier {`
`333`	`333`
`334`	`334`	`override string getAPrimaryQlClass() { result = "RegExpStar" }`
`335`	`335`
`336`		`- override predicate matchesEmptyString() { any() }`
	`336`	`+ override predicate isNullable() { any() }`
`337`	`337`	`}`
`338`	`338`
`339`	`339`	`/**`
`@@ -350,7 +350,7 @@ class RegExpPlus extends InfiniteRepetitionQuantifier {`
`350`	`350`
`351`	`351`	`override string getAPrimaryQlClass() { result = "RegExpPlus" }`
`352`	`352`
`353`		`- override predicate matchesEmptyString() { this.getAChild().matchesEmptyString() }`
	`353`	`+ override predicate isNullable() { this.getAChild().isNullable() }`
`354`	`354`	`}`
`355`	`355`
`356`	`356`	`/**`
`@@ -367,7 +367,7 @@ class RegExpOpt extends RegExpQuantifier {`
`367`	`367`
`368`	`368`	`override string getAPrimaryQlClass() { result = "RegExpOpt" }`
`369`	`369`
`370`		`- override predicate matchesEmptyString() { any() }`
	`370`	`+ override predicate isNullable() { any() }`
`371`	`371`	`}`
`372`	`372`
`373`	`373`	`/**`
`@@ -407,9 +407,7 @@ class RegExpRange extends RegExpQuantifier {`
`407`	`407`	`/** Gets the lower bound of the range. */`
`408`	`408`	`int getLowerBound() { result = this.getLower().toInt() }`
`409`	`409`
`410`		`- override predicate matchesEmptyString() {`
`411`		`- this.getAChild().matchesEmptyString() or this.getLowerBound() = 0`
`412`		`- }`
	`410`	`+ override predicate isNullable() { this.getAChild().isNullable() or this.getLowerBound() = 0 }`
`413`	`411`	`}`
`414`	`412`
`415`	`413`	`/**`
`@@ -457,8 +455,8 @@ class RegExpSequence extends RegExpTerm, TRegExpSequence {`
`457`	`455`
`458`	`456`	`override string getAPrimaryQlClass() { result = "RegExpSequence" }`
`459`	`457`
`460`		`- override predicate matchesEmptyString() {`
`461`		`- forall(RegExpTerm child \| child = this.getAChild() \| child.matchesEmptyString())`
	`458`	`+ override predicate isNullable() {`
	`459`	`+ forall(RegExpTerm child \| child = this.getAChild() \| child.isNullable())`
`462`	`460`	`}`
`463`	`461`
`464`	`462`	`// Why can't we use concat(...) with language[monotonicAggregates] here instead?`
`@@ -540,7 +538,7 @@ class RegExpAlt extends RegExpTerm, TRegExpAlt {`
`540`	`538`
`541`	`539`	`override string getAPrimaryQlClass() { result = "RegExpAlt" }`
`542`	`540`
`543`		`- override predicate matchesEmptyString() { this.getAChild().matchesEmptyString() }`
	`541`	`+ override predicate isNullable() { this.getAChild().isNullable() }`
`544`	`542`	`}`
`545`	`543`
`546`	`544`	`class RegExpCharEscape = RegExpEscape;`
`@@ -616,7 +614,7 @@ class RegExpEscape extends RegExpNormalChar {`
`616`	`614`	`class RegExpWordBoundary extends RegExpSpecialChar {`
`617`	`615`	`RegExpWordBoundary() { this.getChar() = "\\b" }`
`618`	`616`
`619`		`- override predicate matchesEmptyString() { none() }`
	`617`	`+ override predicate isNullable() { none() }`
`620`	`618`	`}`
`621`	`619`
`622`	`620`	`/**`
`@@ -646,7 +644,7 @@ class RegExpCharacterClassEscape extends RegExpEscape {`
`646`	`644`
`647`	`645`	`override string getAPrimaryQlClass() { result = "RegExpCharacterClassEscape" }`
`648`	`646`
`649`		`- override predicate matchesEmptyString() { none() }`
	`647`	`+ override predicate isNullable() { none() }`
`650`	`648`	`}`
`651`	`649`
`652`	`650`	`/**`
`@@ -704,7 +702,7 @@ class RegExpCharacterClass extends RegExpTerm, TRegExpCharacterClass {`
`704`	`702`
`705`	`703`	`override string getAPrimaryQlClass() { result = "RegExpCharacterClass" }`
`706`	`704`
`707`		`- override predicate matchesEmptyString() { none() }`
	`705`	`+ override predicate isNullable() { none() }`
`708`	`706`
`709`	`707`	`override string getAMatch() { not this.isInverted() and result = this.getAChild().getAMatch() }`
`710`	`708`	`}`
`@@ -747,7 +745,7 @@ class RegExpCharacterRange extends RegExpTerm, TRegExpCharacterRange {`
`747`	`745`
`748`	`746`	`override string getAPrimaryQlClass() { result = "RegExpCharacterRange" }`
`749`	`747`
`750`		`- override predicate matchesEmptyString() { none() }`
	`748`	`+ override predicate isNullable() { none() }`
`751`	`749`	`}`
`752`	`750`
`753`	`751`	`/**`
`@@ -820,7 +818,7 @@ class RegExpConstant extends RegExpTerm {`
`820`	`818`
`821`	`819`	`override string getAPrimaryQlClass() { result = "RegExpConstant" }`
`822`	`820`
`823`		`- override predicate matchesEmptyString() { none() }`
	`821`	`+ override predicate isNullable() { none() }`
`824`	`822`
`825`	`823`	`override string getAMatch() { result = this.getValue() }`
`826`	`824`	`}`
`@@ -871,7 +869,7 @@ class RegExpGroup extends RegExpTerm, TRegExpGroup {`
`871`	`869`
`872`	`870`	`override string getAPrimaryQlClass() { result = "RegExpGroup" }`
`873`	`871`
`874`		`- override predicate matchesEmptyString() { this.getAChild().matchesEmptyString() }`
	`872`	`+ override predicate isNullable() { this.getAChild().isNullable() }`
`875`	`873`
`876`	`874`	`override string getAMatch() { result = this.getAChild().getAMatch() }`
`877`	`875`	`}`
`@@ -922,7 +920,7 @@ class RegExpDot extends RegExpSpecialChar {`
`922`	`920`
`923`	`921`	`override string getAPrimaryQlClass() { result = "RegExpDot" }`
`924`	`922`
`925`		`- override predicate matchesEmptyString() { none() }`
	`923`	`+ override predicate isNullable() { none() }`
`926`	`924`	`}`
`927`	`925`
`928`	`926`	`/**`
`@@ -954,7 +952,7 @@ class RegExpDollar extends RegExpAnchor {`
`954`	`952`
`955`	`953`	`override string getAPrimaryQlClass() { result = "RegExpDollar" }`
`956`	`954`
`957`		`- override predicate matchesEmptyString() { any() }`
	`955`	`+ override predicate isNullable() { any() }`
`958`	`956`	`}`
`959`	`957`
`960`	`958`	`/**`
`@@ -971,7 +969,7 @@ class RegExpCaret extends RegExpAnchor {`
`971`	`969`
`972`	`970`	`override string getAPrimaryQlClass() { result = "RegExpCaret" }`
`973`	`971`
`974`		`- override predicate matchesEmptyString() { any() }`
	`972`	`+ override predicate isNullable() { any() }`
`975`	`973`	`}`
`976`	`974`
`977`	`975`	`/**`
`@@ -990,7 +988,7 @@ class RegExpZeroWidthMatch extends RegExpGroup {`
`990`	`988`
`991`	`989`	`override string getAPrimaryQlClass() { result = "RegExpZeroWidthMatch" }`
`992`	`990`
`993`		`- override predicate matchesEmptyString() { any() }`
	`991`	`+ override predicate isNullable() { any() }`
`994`	`992`	`}`
`995`	`993`
`996`	`994`	`/**`
`@@ -1017,7 +1015,7 @@ class RegExpSubPattern extends RegExpZeroWidthMatch {`
`1017`	`1015`	`)`
`1018`	`1016`	`}`
`1019`	`1017`
`1020`		`- override predicate matchesEmptyString() { any() }`
	`1018`	`+ override predicate isNullable() { any() }`
`1021`	`1019`	`}`
`1022`	`1020`
`1023`	`1021`	`/**`
`@@ -1046,7 +1044,7 @@ class RegExpPositiveLookahead extends RegExpLookahead {`
`1046`	`1044`
`1047`	`1045`	`override string getAPrimaryQlClass() { result = "RegExpPositiveLookahead" }`
`1048`	`1046`
`1049`		`- override predicate matchesEmptyString() { any() }`
	`1047`	`+ override predicate isNullable() { any() }`
`1050`	`1048`	`}`
`1051`	`1049`
`1052`	`1050`	`/**`
`@@ -1143,7 +1141,7 @@ class RegExpBackRef extends RegExpTerm, TRegExpBackRef {`
`1143`	`1141`
`1144`	`1142`	`override string getAPrimaryQlClass() { result = "RegExpBackRef" }`
`1145`	`1143`
`1146`		`- override predicate matchesEmptyString() { this.getGroup().matchesEmptyString() }`
	`1144`	`+ override predicate isNullable() { this.getGroup().isNullable() }`
`1147`	`1145`	`}`
`1148`	`1146`
`1149`	`1147`	`/**`