Add additional Filter Methods

Author: maikypedia

ruby/ql/lib/codeql/ruby/frameworks/Ldap.qll

@@ -34,7 +34,16 @@ module NetLdap {
 
   /** A call that constructs a LDAP query */
   private class NetLdapFilter extends LdapConstruction::Range, DataFlow::CallNode {
-    NetLdapFilter() { this = any(ldap().getMember("Filter").getAMethodCall("eq")) }
+    NetLdapFilter() {
+      this =
+        any(ldap()
+                .getMember("Filter")
+                .getAMethodCall([
+                    "begins", "bineq", "contains", "ends", "eq", "equals", "ex", "ge", "le", "ne",
+                    "present"
+                  ])
+        )
+    }
 
     override DataFlow::Node getQuery() { result = this.getArgument([0, 1]) }
   }

ruby/ql/lib/codeql/ruby/security/LdapInjectionCustomizations.qll

@@ -34,7 +34,13 @@ module LdapInjection {
     exists(DataFlow::CallNode filterCall |
       (
         filterCall =
-          API::getTopLevelMember("Net").getMember("LDAP").getMember("Filter").getAMethodCall("eq") or
+          API::getTopLevelMember("Net")
+              .getMember("LDAP")
+              .getMember("Filter")
+              .getAMethodCall([
+                  "begins", "bineq", "contains", "ends", "eq", "equals", "ex", "ge", "le", "ne",
+                  "present"
+                ]) or
         filterCall.getMethodName() = "[]"
       ) and
       n1 = filterCall.getArgument([0, 1]) and