Ruby: Recognise ActiveSupport::Logger as a logger

Author: hmac

ruby/ql/lib/codeql/ruby/frameworks/ActiveSupport.qll

@@ -7,6 +7,9 @@ private import ruby
 private import codeql.ruby.Concepts
 private import codeql.ruby.DataFlow
 private import codeql.ruby.dataflow.FlowSummary
+private import codeql.ruby.Concepts
+private import codeql.ruby.ApiGraphs
+private import codeql.ruby.frameworks.stdlib.Logger::Logger as StdlibLogger
 
 /**
  * Modeling for `ActiveSupport`.
@@ -122,4 +125,15 @@ module ActiveSupport {
       // TODO: index_by, index_with, pick, pluck (they require Hash dataflow)
     }
   }
+
+  /**
+   * `ActiveSupport::Logger`
+   */
+  module Logger {
+    private class ActiveSupportLoggerInstance extends StdlibLogger::LoggerInstance {
+      ActiveSupportLoggerInstance() {
+        this = API::getTopLevelMember("ActiveSupport").getMember("Logger").getAnInstantiation()
+      }
+    }
+  }
 }

ruby/ql/lib/codeql/ruby/frameworks/stdlib/Logger.qll

@@ -33,11 +33,25 @@ module Logger {
     )
   }
 
+  /**
+   * An instance of a logger that responds to the std lib logging methods.
+   * This can be extended to recognise additional instances that conform to the
+   * same interface.
+   */
+  abstract class LoggerInstance extends DataFlow::Node { }
+
+  /**
+   * An instance of the std lib `Logger` class.
+   */
+  private class StdlibLoggerInstance extends LoggerInstance {
+    StdlibLoggerInstance() { this = loggerInstance() }
+  }
+
   /**
    * A call to a `Logger` instance method that causes a message to be logged.
    */
   abstract class LoggerLoggingCall extends Logging::Range, DataFlow::CallNode {
-    LoggerLoggingCall() { this.getReceiver() = loggerInstance() }
+    LoggerLoggingCall() { this.getReceiver() instanceof LoggerInstance }
   }
 
   /**