Add fixes and suggestions

maikypedia · maikypedia · commit 8b2accca8357 · 2023-12-18T12:20:32.000+01:00
diff --git a/ruby/ql/lib/codeql/ruby/security/InsecureRandomnessCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/InsecureRandomnessCustomizations.qll
@@ -1,6 +1,6 @@
 /**
- * Provides default sources, sinks, and sanitizers for reasoning about bypass of
- * sensitive action guards, as well as extension points for adding your own.
+ * Provides default sources, sinks, and sanitizers for reasoning about random values that 
+ * are not cryptographically secure, as well as extension points for adding your own.
  */
 
 private import codeql.ruby.CFG
@@ -9,10 +9,11 @@ private import codeql.ruby.DataFlow
 private import codeql.ruby.security.SensitiveActions
 private import codeql.ruby.Concepts
 private import codeql.ruby.ApiGraphs
+import codeql.ruby.frameworks.core.Kernel
 
 /**
- * Provides default sources, sinks, and sanitizers for reasoning about bypass of
- * sensitive action guards, as well as extension points for adding your own.
+ * Provides default sources, sinks, and sanitizers for reasoning about random values that 
+ * are not cryptographically secure, as well as extension points for adding your own.
  */
 module InsecureRandomness {
   /**
@@ -42,6 +43,7 @@ module InsecureRandomness {
         this.getReceiver().asExpr().getExpr() instanceof SelfVariableAccess and
         super.getMethodName() = "rand"
       )
+      or this.(Kernel::KernelMethodCall).getMethodName() = "rand"
     }
   }
 
diff --git a/ruby/ql/lib/codeql/ruby/security/InsecureRandomnessQuery.qll b/ruby/ql/lib/codeql/ruby/security/InsecureRandomnessQuery.qll
@@ -7,20 +7,6 @@ private import codeql.ruby.DataFlow
 private import codeql.ruby.TaintTracking
 import InsecureRandomnessCustomizations::InsecureRandomness
 
-/**
- * A taint-tracking configuration for detecting Insecure Randomness vulnerabilities.
- * DEPRECATED: Use `InsecureRandomnessFlow`
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "InsecureRandomnessConfiguration" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-}
-
 private module InsecureRandomnessConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
