Address review comments

hmac · hmac · commit 41608ef47b82 · 2021-09-23T12:26:54.000+01:00
diff --git a/ql/lib/codeql/ruby/security/CodeInjectionCustomizations.qll b/ql/lib/codeql/ruby/security/CodeInjectionCustomizations.qll
@@ -35,6 +35,6 @@ module CodeInjection {
    * A call that evaluates its arguments as Ruby code, considered as a flow sink.
    */
   class CodeExecutionAsSink extends Sink {
-    CodeExecutionAsSink() { exists(CodeExecution c | this = c.getCode()) }
+    CodeExecutionAsSink() { this = any(CodeExecution c).getCode() }
   }
 }
diff --git a/ql/lib/codeql/ruby/security/CodeInjectionQuery.qll b/ql/lib/codeql/ruby/security/CodeInjectionQuery.qll
@@ -5,7 +5,6 @@
  * otherwise `CodeInjectionCustomizations` should be imported instead.
  */
 
-private import ruby
 import codeql.ruby.DataFlow::DataFlow::PathGraph
 import codeql.ruby.DataFlow
 import codeql.ruby.TaintTracking

Original file line number	Diff line number	Diff line change
`@@ -35,6 +35,6 @@ module CodeInjection {`
`35`	`35`	`* A call that evaluates its arguments as Ruby code, considered as a flow sink.`
`36`	`36`	`*/`
`37`	`37`	`class CodeExecutionAsSink extends Sink {`
`38`		`- CodeExecutionAsSink() { exists(CodeExecution c \| this = c.getCode()) }`
	`38`	`+ CodeExecutionAsSink() { this = any(CodeExecution c).getCode() }`
`39`	`39`	`}`
`40`	`40`	`}`