Ruby: Re-factor provenance related predicates for summarized callable.

michaelnebel · michaelnebel · commit c01361a1fd8b · 2023-01-11T16:20:55.000+01:00
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll
@@ -49,25 +49,23 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { any(
 
 /**
  * Holds if an external flow summary exists for `c` with input specification
- * `input`, output specification `output`, kind `kind`, and a flag `generated`
- * stating whether the summary is autogenerated.
+ * `input`, output specification `output`, kind `kind`, and provenance `provenance`.
  */
 predicate summaryElement(
-  FlowSummary::SummarizedCallable c, string input, string output, string kind, boolean generated
+  FlowSummary::SummarizedCallable c, string input, string output, string kind, string provenance
 ) {
   exists(boolean preservesValue |
     c.propagatesFlowExt(input, output, preservesValue) and
     (if preservesValue = true then kind = "value" else kind = "taint") and
-    generated = false
+    provenance = "manual"
   )
 }
 
 /**
- * Holds if a neutral model exists for `c`, which means that there is no
- * flow through `c`. The flag `generated` states whether the neutral model is autogenerated.
- * Note. Neutral models have not been implemented for ruby.
+ * Holds if a neutral model exists for `c` with provenance `provenance`,
+ * which means that there is no flow through `c`.
  */
-predicate neutralElement(FlowSummary::SummarizedCallable c, boolean generated) { none() }
+predicate neutralElement(FlowSummary::SummarizedCallable c, string provenance) { none() }
 
 bindingset[arg]
 private SummaryComponent interpretElementArg(string arg) {
@@ -207,17 +205,15 @@ NormalReturnKind getReturnValueKind() { any() }
 private module UnusedSourceSinkInterpretation {
   /**
    * Holds if an external source specification exists for `n` with output specification
-   * `output`, kind `kind`, and a flag `generated` stating whether the source specification is
-   * autogenerated.
+   * `output`, kind `kind`, and provenance `provenance`.
    */
-  predicate sourceElement(AstNode n, string output, string kind, boolean generated) { none() }
+  predicate sourceElement(AstNode n, string output, string kind, string provenance) { none() }
 
   /**
    * Holds if an external sink specification exists for `n` with input specification
-   * `input`, kind `kind` and a flag `generated` stating whether the sink specification is
-   * autogenerated.
+   * `input`, kind `kind` and provenance `provenance`.
    */
-  predicate sinkElement(AstNode n, string input, string kind, boolean generated) { none() }
+  predicate sinkElement(AstNode n, string input, string kind, string provenance) { none() }
 
   class SourceOrSinkElement = AstNode;
 
