Replace string kind with boolean preservesValue

hvitved · hvitved · commit a37737d065dc · 2021-09-22T09:28:55.000+02:00
diff --git a/ql/lib/codeql/ruby/dataflow/FlowSummary.qll b/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
@@ -96,7 +96,7 @@ abstract class SummarizedCallable extends LibraryCallable {
    * but uses an external (string) representation of the input and output stacks.
    */
   pragma[nomagic]
-  predicate propagatesFlowExt(string input, string output, string kind) { none() }
+  predicate propagatesFlowExt(string input, string output, boolean preservesValue) { none() }
 
   /**
    * Holds if values stored inside `content` are cleared on objects passed as
diff --git a/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll b/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll
@@ -45,9 +45,10 @@ DataFlowType getCallbackReturnType(DataFlowType t, ReturnKind rk) { any() }
  * `input`, output specification `output`, and kind `kind`.
  */
 predicate summaryElement(DataFlowCallable c, string input, string output, string kind) {
-  exists(FlowSummary::SummarizedCallable sc |
-    sc.propagatesFlowExt(input, output, kind) and
-    c.asLibraryCallable() = sc
+  exists(FlowSummary::SummarizedCallable sc, boolean preservesValue |
+    sc.propagatesFlowExt(input, output, preservesValue) and
+    c.asLibraryCallable() = sc and
+    if preservesValue = true then kind = "value" else kind = "taint"
   )
 }
 
diff --git a/ql/test/library-tests/dataflow/summaries/Summaries.ql b/ql/test/library-tests/dataflow/summaries/Summaries.ql
@@ -18,10 +18,10 @@ private class SummarizedCallableIdentity extends SummarizedCallable {
 
   override MethodCall getACall() { result.getMethodName() = this }
 
-  override predicate propagatesFlowExt(string input, string output, string kind) {
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
     input = "Argument[0]" and
     output = "ReturnValue" and
-    kind = "value"
+    preservesValue = true
   }
 }
 
@@ -30,14 +30,14 @@ private class SummarizedCallableApplyBlock extends SummarizedCallable {
 
   override MethodCall getACall() { result.getMethodName() = this }
 
-  override predicate propagatesFlowExt(string input, string output, string kind) {
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
     input = "Argument[0]" and
     output = "Parameter[0] of BlockArgument" and
-    kind = "value"
+    preservesValue = true
     or
     input = "ReturnValue of BlockArgument" and
     output = "ReturnValue" and
-    kind = "value"
+    preservesValue = true
   }
 }
 
@@ -46,14 +46,14 @@ private class SummarizedCallableApplyLambda extends SummarizedCallable {
 
   override MethodCall getACall() { result.getMethodName() = this }
 
-  override predicate propagatesFlowExt(string input, string output, string kind) {
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
     input = "Argument[1]" and
     output = "Parameter[0] of Argument[0]" and
-    kind = "value"
+    preservesValue = true
     or
     input = "ReturnValue of Argument[0]" and
     output = "ReturnValue" and
-    kind = "value"
+    preservesValue = true
   }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -45,9 +45,10 @@ DataFlowType getCallbackReturnType(DataFlowType t, ReturnKind rk) { any() }`
`45`	`45`	* `input`, output specification `output`, and kind `kind`.
`46`	`46`	`*/`
`47`	`47`	`predicate summaryElement(DataFlowCallable c, string input, string output, string kind) {`
`48`		`- exists(FlowSummary::SummarizedCallable sc \|`
`49`		`- sc.propagatesFlowExt(input, output, kind) and`
`50`		`- c.asLibraryCallable() = sc`
	`48`	`+ exists(FlowSummary::SummarizedCallable sc, boolean preservesValue \|`
	`49`	`+ sc.propagatesFlowExt(input, output, preservesValue) and`
	`50`	`+ c.asLibraryCallable() = sc and`
	`51`	`+ if preservesValue = true then kind = "value" else kind = "taint"`
`51`	`52`	`)`
`52`	`53`	`}`
`53`	`54`