Ruby: Model JSON.pretty_generate

Author: hmac

ruby/ql/lib/codeql/ruby/frameworks/Json.qll

@@ -15,7 +15,7 @@ module Json {
       row =
         [
           "json;;Member[JSON].Method[parse,parse!,load,restore];Argument[0];ReturnValue;taint",
-          "json;;Member[JSON].Method[generate,fast_generate,dump,unparse,fast_unparse];Argument[0];ReturnValue;taint",
+          "json;;Member[JSON].Method[generate,fast_generate,pretty_generate,dump,unparse,fast_unparse];Argument[0];ReturnValue;taint",
         ]
     }
   }

ruby/ql/test/library-tests/frameworks/json/JsonDataFlow.expected

@@ -6,9 +6,10 @@ edges
 | json.rb:4:19:4:28 | call to source :  | json.rb:4:6:4:29 | call to restore |
 | json.rb:6:20:6:29 | call to source :  | json.rb:6:6:6:30 | call to generate |
 | json.rb:7:25:7:34 | call to source :  | json.rb:7:6:7:35 | call to fast_generate |
-| json.rb:8:16:8:25 | call to source :  | json.rb:8:6:8:26 | call to dump |
-| json.rb:9:19:9:28 | call to source :  | json.rb:9:6:9:29 | call to unparse |
-| json.rb:10:24:10:33 | call to source :  | json.rb:10:6:10:34 | call to fast_unparse |
+| json.rb:8:27:8:36 | call to source :  | json.rb:8:6:8:37 | call to pretty_generate |
+| json.rb:9:16:9:25 | call to source :  | json.rb:9:6:9:26 | call to dump |
+| json.rb:10:19:10:28 | call to source :  | json.rb:10:6:10:29 | call to unparse |
+| json.rb:11:24:11:33 | call to source :  | json.rb:11:6:11:34 | call to fast_unparse |
 nodes
 | json.rb:1:6:1:27 | call to parse | semmle.label | call to parse |
 | json.rb:1:17:1:26 | call to source :  | semmle.label | call to source :  |
@@ -22,10 +23,12 @@ nodes
 | json.rb:6:20:6:29 | call to source :  | semmle.label | call to source :  |
 | json.rb:7:6:7:35 | call to fast_generate | semmle.label | call to fast_generate |
 | json.rb:7:25:7:34 | call to source :  | semmle.label | call to source :  |
-| json.rb:8:6:8:26 | call to dump | semmle.label | call to dump |
-| json.rb:8:16:8:25 | call to source :  | semmle.label | call to source :  |
-| json.rb:9:6:9:29 | call to unparse | semmle.label | call to unparse |
-| json.rb:9:19:9:28 | call to source :  | semmle.label | call to source :  |
-| json.rb:10:6:10:34 | call to fast_unparse | semmle.label | call to fast_unparse |
-| json.rb:10:24:10:33 | call to source :  | semmle.label | call to source :  |
+| json.rb:8:6:8:37 | call to pretty_generate | semmle.label | call to pretty_generate |
+| json.rb:8:27:8:36 | call to source :  | semmle.label | call to source :  |
+| json.rb:9:6:9:26 | call to dump | semmle.label | call to dump |
+| json.rb:9:16:9:25 | call to source :  | semmle.label | call to source :  |
+| json.rb:10:6:10:29 | call to unparse | semmle.label | call to unparse |
+| json.rb:10:19:10:28 | call to source :  | semmle.label | call to source :  |
+| json.rb:11:6:11:34 | call to fast_unparse | semmle.label | call to fast_unparse |
+| json.rb:11:24:11:33 | call to source :  | semmle.label | call to source :  |
 subpaths

ruby/ql/test/library-tests/frameworks/json/json.rb

@@ -5,6 +5,7 @@
 
 sink JSON.generate(source "a") # $hasTaintFlow=a
 sink JSON.fast_generate(source "a") # $hasTaintFlow=a
+sink JSON.pretty_generate(source "a") # $hasTaintFlow=a
 sink JSON.dump(source "a") # $hasTaintFlow=a
 sink JSON.unparse(source "a") # $hasTaintFlow=a
 sink JSON.fast_unparse(source "a") # $hasTaintFlow=a