ruby: add DataFlow::MethodCallNode class

alexrford · alexrford · commit 286c894f3407 · 2021-11-16T15:39:47.000Z
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll
@@ -60,6 +60,16 @@ class CallNode extends LocalSourceNode {
   Node getKeywordArgument(string name) { result.asExpr() = node.getKeywordArgument(name) }
 }
 
+/** A data-flow node corresponding to a method call in the control-flow graph. */
+class MethodCallNode extends CallNode {
+  private CfgNodes::ExprNodes::MethodCallCfgNode node;
+
+  MethodCallNode() { node = this.asExpr() }
+
+  /** Gets the name of the the method called by the method call corresponding to this data-flow node */
+  string getMethodName() { result = node.getExpr().getMethodName() }
+}
+
 /**
  * An expression, viewed as a node in a data flow graph.
  *
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/ActiveStorage.qll b/ruby/ql/lib/codeql/ruby/frameworks/ActiveStorage.qll
@@ -5,11 +5,12 @@ private import codeql.ruby.DataFlow
 private import codeql.ruby.dataflow.FlowSummary
 
 /** Defines calls to  `ActiveStorage::Filename#sanitized` as path sanitizers. */
-class ActiveStorageFilenameSanitizedCall extends Path::PathSanitization::Range, DataFlow::CallNode {
+class ActiveStorageFilenameSanitizedCall extends Path::PathSanitization::Range,
+  DataFlow::MethodCallNode {
   ActiveStorageFilenameSanitizedCall() {
     this.getReceiver() =
       API::getTopLevelMember("ActiveStorage").getMember("Filename").getAnInstantiation() and
-    this.asExpr().getExpr().(MethodCall).getMethodName() = "sanitized"
+    this.getMethodName() = "sanitized"
   }
 }
 
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Files.qll b/ruby/ql/lib/codeql/ruby/frameworks/Files.qll
@@ -99,7 +99,7 @@ module IO {
   }
 
   /**
-   * A `DataFlow::CallNode` that reads data using the `IO` class. For example,
+   * A `DataFlow::MethodCallNode` that reads data using the `IO` class. For example,
    * the `IO.read call in:
    *
    * ```rb
@@ -112,7 +112,7 @@ module IO {
    * filesystem. For working with filesystem accesses specifically, see
    * `IOFileReader` or the `FileSystemReadAccess` concept.
    */
-  class IOReader extends DataFlow::CallNode {
+  class IOReader extends DataFlow::MethodCallNode {
     private boolean classMethodCall;
     private string api;
 
@@ -127,17 +127,15 @@ module IO {
       api = "IO" and
       exists(IOInstanceStrict ii |
         this.getReceiver() = ii and
-        this.asExpr().getExpr().(MethodCall).getMethodName() =
-          ioFileReaderMethodName(classMethodCall)
+        this.getMethodName() = ioFileReaderMethodName(classMethodCall)
       )
       or
       // File instance methods
       classMethodCall = false and
       api = "File" and
       exists(File::FileInstance fi |
         this.getReceiver() = fi and
-        this.asExpr().getExpr().(MethodCall).getMethodName() =
-          ioFileReaderMethodName(classMethodCall)
+        this.getMethodName() = ioFileReaderMethodName(classMethodCall)
       )
       // TODO: enumeration style methods such as `each`, `foreach`, etc.
     }
@@ -151,7 +149,7 @@ module IO {
   }
 
   /**
-   * A `DataFlow::CallNode` that reads data from the filesystem using the `IO`
+   * A `DataFlow::MethodCallNode` that reads data from the filesystem using the `IO`
    * class. For example, the `IO.read call in:
    *
    * ```rb
@@ -219,7 +217,7 @@ module File {
   /**
    * A call to a `File` method that may return one or more filenames.
    */
-  class FileModuleFilenameSource extends FileNameSource, DataFlow::CallNode {
+  class FileModuleFilenameSource extends FileNameSource, DataFlow::MethodCallNode {
     FileModuleFilenameSource() {
       // Class methods
       this =
@@ -232,13 +230,13 @@ module File {
       // Instance methods
       exists(FileInstance fi |
         this.getReceiver() = fi and
-        this.asExpr().getExpr().(MethodCall).getMethodName() = ["path", "to_path"]
+        this.getMethodName() = ["path", "to_path"]
       )
     }
   }
 
   private class FileModulePermissionModification extends FileSystemPermissionModification::Range,
-    DataFlow::CallNode {
+    DataFlow::MethodCallNode {
     private DataFlow::Node permissionArg;
 
     FileModulePermissionModification() {
@@ -321,7 +319,7 @@ module FileUtils {
   }
 
   private class FileUtilsPermissionModification extends FileSystemPermissionModification::Range,
-    DataFlow::CallNode {
+    DataFlow::MethodCallNode {
     private DataFlow::Node permissionArg;
 
     FileUtilsPermissionModification() {

Original file line number	Diff line number	Diff line change
`@@ -5,11 +5,12 @@ private import codeql.ruby.DataFlow`
`5`	`5`	`private import codeql.ruby.dataflow.FlowSummary`
`6`	`6`
`7`	`7`	/** Defines calls to `ActiveStorage::Filename#sanitized` as path sanitizers. */
`8`		`-class ActiveStorageFilenameSanitizedCall extends Path::PathSanitization::Range, DataFlow::CallNode {`
	`8`	`+class ActiveStorageFilenameSanitizedCall extends Path::PathSanitization::Range,`
	`9`	`+ DataFlow::MethodCallNode {`
`9`	`10`	`ActiveStorageFilenameSanitizedCall() {`
`10`	`11`	`this.getReceiver() =`
`11`	`12`	`API::getTopLevelMember("ActiveStorage").getMember("Filename").getAnInstantiation() and`
`12`		`- this.asExpr().getExpr().(MethodCall).getMethodName() = "sanitized"`
	`13`	`+ this.getMethodName() = "sanitized"`
`13`	`14`	`}`
`14`	`15`	`}`
`15`	`16`