move the implementation detail of how regular-expressions are tracked into RegExpConfiguration.qll"

erik-krogh · erik-krogh · commit d0b627b018ce · 2023-01-18T10:10:05.000+01:00
diff --git a/ruby/ql/lib/codeql/ruby/Regexp.qll b/ruby/ql/lib/codeql/ruby/Regexp.qll
@@ -7,7 +7,7 @@
 
 import regexp.RegExpTreeView // re-export
 private import regexp.internal.ParseRegExp
-private import regexp.internal.RegExpConfiguration
+private import regexp.internal.RegExpConfiguration as RegExpConfiguration // TODO: other name?
 private import codeql.ruby.AST as Ast
 private import codeql.ruby.CFG
 private import codeql.ruby.DataFlow
@@ -122,7 +122,7 @@ class StdLibRegExpInterpretation extends RegExpInterpretation::Range {
       mce.getMethodName() = ["match", "match?"] and
       this = mce.getArgument(0) and
       // exclude https://ruby-doc.org/core-2.4.0/Regexp.html#method-i-match
-      not mce.getReceiver() = trackRegexpType()
+      not mce.getReceiver() = RegExpConfiguration::trackRegexpType()
     )
   }
 }
@@ -132,9 +132,7 @@ class StdLibRegExpInterpretation extends RegExpInterpretation::Range {
  * as a part of a regular expression.
  */
 cached
-DataFlow::Node regExpSource(DataFlow::Node re) {
-  exists(RegExpConfiguration c | c.hasFlow(result, re))
-}
+DataFlow::Node regExpSource(DataFlow::Node re) { result = RegExpConfiguration::regExpSource(re) }
 
 /**
  * Holds if `exec` is a node where `regexp` is interpreted as a regular expression and
@@ -173,7 +171,7 @@ private predicate regexExecution(
     // also see `StdLibRegExpInterpretation`
     not (
       call.getMethodName() = ["match", "match?"] and
-      call.getReceiver() = trackRegexpType()
+      call.getReceiver() = RegExpConfiguration::trackRegexpType()
     )
   )
   or
diff --git a/ruby/ql/lib/codeql/ruby/regexp/internal/RegExpConfiguration.qll b/ruby/ql/lib/codeql/ruby/regexp/internal/RegExpConfiguration.qll
@@ -1,4 +1,4 @@
-private import codeql.ruby.Regexp
+private import codeql.ruby.Regexp as RE
 private import codeql.ruby.AST as Ast
 private import codeql.ruby.CFG
 private import codeql.ruby.DataFlow
@@ -30,7 +30,7 @@ class RegExpConfiguration extends Configuration {
 
   override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) {
     state = "string" and
-    sink instanceof RegExpInterpretation::Range
+    sink instanceof RE::RegExpInterpretation::Range
     or
     state = "reg" and
     sink = any(RegexExecution exec).getRegex()
@@ -96,3 +96,8 @@ private DataFlow::LocalSourceNode trackRegexpType(TypeTracker t) {
 }
 
 DataFlow::Node trackRegexpType() { trackRegexpType(TypeTracker::end()).flowsTo(result) }
+
+cached
+DataFlow::Node regExpSource(DataFlow::Node re) {
+  exists(RegExpConfiguration c | c.hasFlow(result, re))
+}
