Apply suggestions from code review

p- · aibaars · web-flow · commit e87effc18c8e · 2024-01-30T15:14:35.000+01:00
Co-authored-by: Arthur Baars &lt;aibaars@github.com&gt;
diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
@@ -234,7 +234,7 @@ module UnsafeDeserialization {
    * The first argument in a call to `Oj.object_load`, always considered as a
    * sink for unsafe deserialization. (global and local mode options are ignored)
    */
-  class OjObjectLoadArgument extends Sink {
+  private class OjObjectLoadArgument extends Sink {
     OjObjectLoadArgument() {
       this = API::getTopLevelMember("Oj").getAMethodCall("object_load").getArgument(0)
     }
@@ -266,8 +266,7 @@ module UnsafeDeserialization {
      * Gets the value being assigned to `Ox.default_options`.
      */
     DataFlow::Node getValue() {
-      result.asExpr() =
-        this.getArgument(0).asExpr().(CfgNodes::ExprNodes::AssignExprCfgNode).getRhs()
+      result =  this.getArgument(0)
     }
   }
 

Original file line number	Diff line number	Diff line change
`@@ -234,7 +234,7 @@ module UnsafeDeserialization {`
`234`	`234`	* The first argument in a call to `Oj.object_load`, always considered as a
`235`	`235`	`* sink for unsafe deserialization. (global and local mode options are ignored)`
`236`	`236`	`*/`
`237`		`- class OjObjectLoadArgument extends Sink {`
	`237`	`+ private class OjObjectLoadArgument extends Sink {`
`238`	`238`	`OjObjectLoadArgument() {`
`239`	`239`	`this = API::getTopLevelMember("Oj").getAMethodCall("object_load").getArgument(0)`
`240`	`240`	`}`
`@@ -266,8 +266,7 @@ module UnsafeDeserialization {`
`266`	`266`	* Gets the value being assigned to `Ox.default_options`.
`267`	`267`	`*/`
`268`	`268`	`DataFlow::Node getValue() {`
`269`		`- result.asExpr() =`
`270`		`- this.getArgument(0).asExpr().(CfgNodes::ExprNodes::AssignExprCfgNode).getRhs()`
	`269`	`+ result = this.getArgument(0)`
`271`	`270`	`}`
`272`	`271`	`}`
`273`	`272`