Ruby: add flow summary for Enumerable#index_with

Author: aibaars

ruby/ql/lib/codeql/ruby/frameworks/ActiveSupport.qll

@@ -294,7 +294,21 @@ module ActiveSupport {
           preservesValue = true
         }
       }
-      // TODO: index_with, pick, pluck (they require Hash dataflow)
+
+      private class IndexWithSummary extends SimpleSummarizedCallable {
+        IndexWithSummary() { this = "index_with" }
+
+        override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+          input = "Argument[self].Element[any]" and
+          output = "Argument[block].Parameter[0]" and
+          preservesValue = true
+          or
+          input = ["Argument[0]", "Argument[block].ReturnValue"] and
+          output = "ReturnValue.Element[?]" and
+          preservesValue = true
+        }
+      }
+      // TODO: pick, pluck (they require Hash dataflow)
     }
   }
 

ruby/ql/test/library-tests/frameworks/active_support/ActiveSupportDataFlow.expected

@@ -286,6 +286,40 @@ edges
 | hash_extensions.rb:73:10:73:10 | h [element] :  | hash_extensions.rb:73:10:73:16 | ...[...] |
 | hash_extensions.rb:74:10:74:10 | h [element] :  | hash_extensions.rb:74:10:74:16 | ...[...] |
 | hash_extensions.rb:74:10:74:10 | h [element] :  | hash_extensions.rb:74:10:74:16 | ...[...] |
+| hash_extensions.rb:80:15:80:25 | call to source :  | hash_extensions.rb:81:9:81:14 | values [element 0] :  |
+| hash_extensions.rb:80:15:80:25 | call to source :  | hash_extensions.rb:81:9:81:14 | values [element 0] :  |
+| hash_extensions.rb:80:28:80:38 | call to source :  | hash_extensions.rb:81:9:81:14 | values [element 1] :  |
+| hash_extensions.rb:80:28:80:38 | call to source :  | hash_extensions.rb:81:9:81:14 | values [element 1] :  |
+| hash_extensions.rb:80:41:80:51 | call to source :  | hash_extensions.rb:81:9:81:14 | values [element 2] :  |
+| hash_extensions.rb:80:41:80:51 | call to source :  | hash_extensions.rb:81:9:81:14 | values [element 2] :  |
+| hash_extensions.rb:81:9:81:14 | values [element 0] :  | hash_extensions.rb:81:31:81:33 | key :  |
+| hash_extensions.rb:81:9:81:14 | values [element 0] :  | hash_extensions.rb:81:31:81:33 | key :  |
+| hash_extensions.rb:81:9:81:14 | values [element 1] :  | hash_extensions.rb:81:31:81:33 | key :  |
+| hash_extensions.rb:81:9:81:14 | values [element 1] :  | hash_extensions.rb:81:31:81:33 | key :  |
+| hash_extensions.rb:81:9:81:14 | values [element 2] :  | hash_extensions.rb:81:31:81:33 | key :  |
+| hash_extensions.rb:81:9:81:14 | values [element 2] :  | hash_extensions.rb:81:31:81:33 | key :  |
+| hash_extensions.rb:81:9:84:7 | call to index_with [element] :  | hash_extensions.rb:86:10:86:10 | h [element] :  |
+| hash_extensions.rb:81:9:84:7 | call to index_with [element] :  | hash_extensions.rb:86:10:86:10 | h [element] :  |
+| hash_extensions.rb:81:9:84:7 | call to index_with [element] :  | hash_extensions.rb:87:10:87:10 | h [element] :  |
+| hash_extensions.rb:81:9:84:7 | call to index_with [element] :  | hash_extensions.rb:87:10:87:10 | h [element] :  |
+| hash_extensions.rb:81:31:81:33 | key :  | hash_extensions.rb:82:14:82:16 | key |
+| hash_extensions.rb:81:31:81:33 | key :  | hash_extensions.rb:82:14:82:16 | key |
+| hash_extensions.rb:83:9:83:19 | call to source :  | hash_extensions.rb:81:9:84:7 | call to index_with [element] :  |
+| hash_extensions.rb:83:9:83:19 | call to source :  | hash_extensions.rb:81:9:84:7 | call to index_with [element] :  |
+| hash_extensions.rb:86:10:86:10 | h [element] :  | hash_extensions.rb:86:10:86:16 | ...[...] |
+| hash_extensions.rb:86:10:86:10 | h [element] :  | hash_extensions.rb:86:10:86:16 | ...[...] |
+| hash_extensions.rb:87:10:87:10 | h [element] :  | hash_extensions.rb:87:10:87:16 | ...[...] |
+| hash_extensions.rb:87:10:87:10 | h [element] :  | hash_extensions.rb:87:10:87:16 | ...[...] |
+| hash_extensions.rb:89:9:89:38 | call to index_with [element] :  | hash_extensions.rb:91:10:91:10 | j [element] :  |
+| hash_extensions.rb:89:9:89:38 | call to index_with [element] :  | hash_extensions.rb:91:10:91:10 | j [element] :  |
+| hash_extensions.rb:89:9:89:38 | call to index_with [element] :  | hash_extensions.rb:92:10:92:10 | j [element] :  |
+| hash_extensions.rb:89:9:89:38 | call to index_with [element] :  | hash_extensions.rb:92:10:92:10 | j [element] :  |
+| hash_extensions.rb:89:27:89:37 | call to source :  | hash_extensions.rb:89:9:89:38 | call to index_with [element] :  |
+| hash_extensions.rb:89:27:89:37 | call to source :  | hash_extensions.rb:89:9:89:38 | call to index_with [element] :  |
+| hash_extensions.rb:91:10:91:10 | j [element] :  | hash_extensions.rb:91:10:91:16 | ...[...] |
+| hash_extensions.rb:91:10:91:10 | j [element] :  | hash_extensions.rb:91:10:91:16 | ...[...] |
+| hash_extensions.rb:92:10:92:10 | j [element] :  | hash_extensions.rb:92:10:92:16 | ...[...] |
+| hash_extensions.rb:92:10:92:10 | j [element] :  | hash_extensions.rb:92:10:92:16 | ...[...] |
 nodes
 | active_support.rb:10:9:10:18 | call to source :  | semmle.label | call to source :  |
 | active_support.rb:11:10:11:10 | x :  | semmle.label | x :  |
@@ -648,6 +682,46 @@ nodes
 | hash_extensions.rb:74:10:74:10 | h [element] :  | semmle.label | h [element] :  |
 | hash_extensions.rb:74:10:74:16 | ...[...] | semmle.label | ...[...] |
 | hash_extensions.rb:74:10:74:16 | ...[...] | semmle.label | ...[...] |
+| hash_extensions.rb:80:15:80:25 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:80:15:80:25 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:80:28:80:38 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:80:28:80:38 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:80:41:80:51 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:80:41:80:51 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:81:9:81:14 | values [element 0] :  | semmle.label | values [element 0] :  |
+| hash_extensions.rb:81:9:81:14 | values [element 0] :  | semmle.label | values [element 0] :  |
+| hash_extensions.rb:81:9:81:14 | values [element 1] :  | semmle.label | values [element 1] :  |
+| hash_extensions.rb:81:9:81:14 | values [element 1] :  | semmle.label | values [element 1] :  |
+| hash_extensions.rb:81:9:81:14 | values [element 2] :  | semmle.label | values [element 2] :  |
+| hash_extensions.rb:81:9:81:14 | values [element 2] :  | semmle.label | values [element 2] :  |
+| hash_extensions.rb:81:9:84:7 | call to index_with [element] :  | semmle.label | call to index_with [element] :  |
+| hash_extensions.rb:81:9:84:7 | call to index_with [element] :  | semmle.label | call to index_with [element] :  |
+| hash_extensions.rb:81:31:81:33 | key :  | semmle.label | key :  |
+| hash_extensions.rb:81:31:81:33 | key :  | semmle.label | key :  |
+| hash_extensions.rb:82:14:82:16 | key | semmle.label | key |
+| hash_extensions.rb:82:14:82:16 | key | semmle.label | key |
+| hash_extensions.rb:83:9:83:19 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:83:9:83:19 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:86:10:86:10 | h [element] :  | semmle.label | h [element] :  |
+| hash_extensions.rb:86:10:86:10 | h [element] :  | semmle.label | h [element] :  |
+| hash_extensions.rb:86:10:86:16 | ...[...] | semmle.label | ...[...] |
+| hash_extensions.rb:86:10:86:16 | ...[...] | semmle.label | ...[...] |
+| hash_extensions.rb:87:10:87:10 | h [element] :  | semmle.label | h [element] :  |
+| hash_extensions.rb:87:10:87:10 | h [element] :  | semmle.label | h [element] :  |
+| hash_extensions.rb:87:10:87:16 | ...[...] | semmle.label | ...[...] |
+| hash_extensions.rb:87:10:87:16 | ...[...] | semmle.label | ...[...] |
+| hash_extensions.rb:89:9:89:38 | call to index_with [element] :  | semmle.label | call to index_with [element] :  |
+| hash_extensions.rb:89:9:89:38 | call to index_with [element] :  | semmle.label | call to index_with [element] :  |
+| hash_extensions.rb:89:27:89:37 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:89:27:89:37 | call to source :  | semmle.label | call to source :  |
+| hash_extensions.rb:91:10:91:10 | j [element] :  | semmle.label | j [element] :  |
+| hash_extensions.rb:91:10:91:10 | j [element] :  | semmle.label | j [element] :  |
+| hash_extensions.rb:91:10:91:16 | ...[...] | semmle.label | ...[...] |
+| hash_extensions.rb:91:10:91:16 | ...[...] | semmle.label | ...[...] |
+| hash_extensions.rb:92:10:92:10 | j [element] :  | semmle.label | j [element] :  |
+| hash_extensions.rb:92:10:92:10 | j [element] :  | semmle.label | j [element] :  |
+| hash_extensions.rb:92:10:92:16 | ...[...] | semmle.label | ...[...] |
+| hash_extensions.rb:92:10:92:16 | ...[...] | semmle.label | ...[...] |
 subpaths
 #select
 | active_support.rb:182:10:182:13 | ...[...] | active_support.rb:180:10:180:17 | call to source :  | active_support.rb:182:10:182:13 | ...[...] | $@ | active_support.rb:180:10:180:17 | call to source :  | call to source :  |
@@ -685,3 +759,10 @@ subpaths
 | hash_extensions.rb:74:10:74:16 | ...[...] | hash_extensions.rb:67:15:67:25 | call to source :  | hash_extensions.rb:74:10:74:16 | ...[...] | $@ | hash_extensions.rb:67:15:67:25 | call to source :  | call to source :  |
 | hash_extensions.rb:74:10:74:16 | ...[...] | hash_extensions.rb:67:28:67:38 | call to source :  | hash_extensions.rb:74:10:74:16 | ...[...] | $@ | hash_extensions.rb:67:28:67:38 | call to source :  | call to source :  |
 | hash_extensions.rb:74:10:74:16 | ...[...] | hash_extensions.rb:67:41:67:51 | call to source :  | hash_extensions.rb:74:10:74:16 | ...[...] | $@ | hash_extensions.rb:67:41:67:51 | call to source :  | call to source :  |
+| hash_extensions.rb:82:14:82:16 | key | hash_extensions.rb:80:15:80:25 | call to source :  | hash_extensions.rb:82:14:82:16 | key | $@ | hash_extensions.rb:80:15:80:25 | call to source :  | call to source :  |
+| hash_extensions.rb:82:14:82:16 | key | hash_extensions.rb:80:28:80:38 | call to source :  | hash_extensions.rb:82:14:82:16 | key | $@ | hash_extensions.rb:80:28:80:38 | call to source :  | call to source :  |
+| hash_extensions.rb:82:14:82:16 | key | hash_extensions.rb:80:41:80:51 | call to source :  | hash_extensions.rb:82:14:82:16 | key | $@ | hash_extensions.rb:80:41:80:51 | call to source :  | call to source :  |
+| hash_extensions.rb:86:10:86:16 | ...[...] | hash_extensions.rb:83:9:83:19 | call to source :  | hash_extensions.rb:86:10:86:16 | ...[...] | $@ | hash_extensions.rb:83:9:83:19 | call to source :  | call to source :  |
+| hash_extensions.rb:87:10:87:16 | ...[...] | hash_extensions.rb:83:9:83:19 | call to source :  | hash_extensions.rb:87:10:87:16 | ...[...] | $@ | hash_extensions.rb:83:9:83:19 | call to source :  | call to source :  |
+| hash_extensions.rb:91:10:91:16 | ...[...] | hash_extensions.rb:89:27:89:37 | call to source :  | hash_extensions.rb:91:10:91:16 | ...[...] | $@ | hash_extensions.rb:89:27:89:37 | call to source :  | call to source :  |
+| hash_extensions.rb:92:10:92:16 | ...[...] | hash_extensions.rb:89:27:89:37 | call to source :  | hash_extensions.rb:92:10:92:16 | ...[...] | $@ | hash_extensions.rb:89:27:89:37 | call to source :  | call to source :  |

ruby/ql/test/library-tests/frameworks/active_support/hash_extensions.rb

@@ -75,3 +75,21 @@ def m_index_by
 end
 
 m_index_by()
+
+def m_index_with
+    values = [source("a"), source("b"), source("c")]
+    h = values.index_with do |key|
+        sink key # $ hasValueFlow=a $ hasValueFlow=b $ hasValueFlow=c
+        source("x")
+    end
+
+    sink h[:foo] # $ hasValueFlow=x
+    sink h[:bar] # $ hasValueFlow=x
+
+    j = values.index_with(source("y"))
+
+    sink j[:foo] # $ hasValueFlow=y
+    sink j[:bar] # $ hasValueFlow=y
+end
+
+m_index_with()