diff --git a/ruby/ql/lib/codeql/ruby/ApiGraphs.qll b/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
index 00537e375b1b..a74b0e081995 100644
--- a/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
+++ b/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
@@ -1,5 +1,5 @@
 /**
- * Provides an implementation of _API graphs_, which allow efficient modelling of how a given
+ * Provides an implementation of _API graphs_, which allow efficient modeling of how a given
 * value is used by the code base or how values produced by the code base are consumed by a library.
 *
 * See `API::Node` for more details.
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll b/ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
index 2746faebdc86..cef6cb4fa043 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
@@ -50,7 +50,7 @@ module Kernel {
 }
 
 /**
- * Private methods in the `Kernel` module.
+ * Holds if `method` is a name of a private method in the `Kernel` module.
 * These can be be invoked on `self`, on `Kernel`, or using a low-level primitive like `send` or `instance_eval`.
 * ```ruby
 * puts "hello world"
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll b/ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
index e2ba1eb48fec..9ffd5e3ef512 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
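Review bot: In the Kernel.qll hunk the line after the rewritten sentence still reads `These can be be invoked on ...`, which no longer fits. The new first sentence is singular and phrased as a predicate contract, so "These" has lost its plural antecedent, and the line also has a duplicated "be". I would change its opening to `* Such methods can be invoked on` and leave the rest of the line as it is. The predicate this comment documents starts outside the hunk.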
@@ -25,27 +25,28 @@ private import codeql.ruby.DataFlow
 */
 class ExconHttpRequest extends Http::Client::Request::Range instanceof DataFlow::CallNode {
 API::Node requestNode;
- API::Node connectionNode;
 DataFlow::Node connectionUse;
 
 ExconHttpRequest() {
 this = requestNode.asSource() and
- connectionUse = connectionNode.asSource() and
- connectionNode =
- [
- // one-off requests
- API::getTopLevelMember("Excon"),
- // connection re-use
- API::getTopLevelMember("Excon").getInstance(),
- API::getTopLevelMember("Excon").getMember("Connection").getInstance()
- ] and
- requestNode =
- connectionNode
- .getReturn([
- // Excon#request exists but Excon.request doesn't.
- // This shouldn't be a problem - in real code the latter would raise NoMethodError anyway.
- "get", "head", "delete", "options", "post", "put", "patch", "trace", "request"
- ])
+ exists(API::Node connectionNode |
+ connectionUse = connectionNode.asSource() and
+ connectionNode =
+ [
+ // one-off requests
+ API::getTopLevelMember("Excon"),
+ // connection re-use
+ API::getTopLevelMember("Excon").getInstance(),
+ API::getTopLevelMember("Excon").getMember("Connection").getInstance()
+ ] and
+ requestNode =
+ connectionNode
+ .getReturn([
+ // Excon#request exists but Excon.request doesn't.
+ // This shouldn't be a problem - in real code the latter would raise NoMethodError anyway.
+ "get", "head", "delete", "options", "post", "put", "patch", "trace", "request"
+ ])
+ )
 }
 
 override DataFlow::Node getResponseBody() { result = requestNode.getAMethodCall("body") }
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll b/ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
index bcb86e2b63d3..a1b58d700b8f 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
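Review bot: The two fields left on `ExconHttpRequest`, `requestNode` and `connectionUse`, have no comment saying what they hold. After this change `connectionUse` is the only connection-related value the rest of the class can reach. A one-line comment above it would help, for example `// The use of the Excon constant (one-off requests) or of a connection instance (connection re-use) on which the request is made.`. It may also be worth a short comment above the new `exists` noting that `connectionNode` is deliberately local. That rationale is inferred from the diff, since the rest of the class lies outside the hunk.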
@@ -27,11 +27,10 @@ private import codeql.ruby.DataFlow
 class NetHttpRequest extends Http::Client::Request::Range instanceof DataFlow::CallNode {
 private DataFlow::CallNode request;
 API::Node requestNode;
- API::Node connectionNode;
 private boolean returnsResponseBody;
 
 NetHttpRequest() {
- exists(string method |
+ exists(string method, API::Node connectionNode |
 request = requestNode.asSource() and
 this = request and
 requestNode = connectionNode.getReturn(method)
diff --git a/ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll b/ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
index d1f96ec407ee..d35d9353bf13 100644
--- a/ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
+++ b/ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
@@ -194,7 +194,7 @@ abstract class RegExp extends Ast::StringlikeLiteral {
 }
 
 /**
- * Holds if the character set starting at `charset_start` contains a character range
+ * Holds if the character set starting at `charsetStart` contains a character range
 * with lower bound found between `start` and `lowerEnd`
 * and upper bound found between `upperStart` and `end`.
 */
diff --git a/ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll b/ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
index 46fc231c6fc6..dab75f00b9e5 100644
--- a/ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
@@ -45,7 +45,7 @@ private class MemoCandidate extends Method {
 }
 
 /**
- * Holds if parameter `p` of `m` is read in the right hand side of `assign`.
+ * Holds if parameter `p` of `m` is read in the right hand side of `a`.
 */
 private predicate parameterUsedInMemoValue(Method m, Parameter p, MemoStmt a) {
 p = m.getAParameter() and
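Review bot: In the NetHttp.qll hunk the private field `request` looks as redundant as the `connectionNode` field this commit removes. The visible lines bind it with `request = requestNode.asSource() and` followed by `this = request and`, so it always equals `this`. The Excon class in the same commit writes this as `this = requestNode.asSource() and`, and because `NetHttpRequest` is declared `instanceof DataFlow::CallNode`, other members could reach the call through `super` instead of the field. The characteristic predicate and the rest of the class continue outside the hunk, so check that nothing else depends on `request` before dropping it.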
@@ -54,7 +54,7 @@ private predicate parameterUsedInMemoValue(Method m, Parameter p, MemoStmt a) {
 }
 
 /**
- * Holds if parameter `p` of `m` is read in the left hand side of `assign`.
+ * Holds if parameter `p` of `m` is read in the left hand side of `a`.
 */
 private predicate parameterUsedInMemoKey(Method m, Parameter p, HashMemoStmt a) {
 p = m.getAParameter() and