improve qhelp based on doc review

erik-krogh · erik-krogh · commit eb564760be23 · 2023-02-08T11:00:54.000+01:00
diff --git a/ruby/ql/src/queries/security/cwe-020/MissingFullAnchor.qhelp b/ruby/ql/src/queries/security/cwe-020/MissingFullAnchor.qhelp
@@ -8,49 +8,38 @@
             Regular expressions in Ruby can use anchors to match the beginning and end of a string. 
             However, if the <code>^</code> and <code>$</code> anchors are used, 
             the regular expression can match a single line of a multi-line string.
+            This allows bad actors to bypass your regular expression checks and inject malicious input.
 		</p>
 	</overview>
 
 	<recommendation>
 		<p>
-            Use the <code>\A</code> and <code>\z</code> anchors to match the beginning and end of a string, 
-            as these will always match the beginning and end of the string, even if the string contains newlines.
+            Use the <code>\A</code> and <code>\z</code> anchors since these anchors will always
+            match the beginning and end of the string, even if the string contains newlines.
 		</p>
 	</recommendation>
 
 	<example>
 
 		<p>
-            The following example code uses a regular expression to check that a string contains only digits.
+            The following (bad) example code uses a regular expression to check that a string contains only digits.
 		</p>
 
-		<sample language="ruby">
-def bad(input) 
-    raise "Bad input" unless input =~ /^[0-9]+$/
-
-    # ....
-end
-        </sample>
+		<sample src="examples/missing_full_anchor_bad.rb" />
 
         <p>
             The regular expression <code>/^[0-9]+$/</code> will match a single line of a multi-line string, 
             which may not be the intended behavior. 
-            To match the entire string, the regular expression should be <code>\A[0-9]+\z</code>.
+            The following (good) example code uses the regular expression <code>\A[0-9]+\z</code> to match the entire input string.
         </p>
         
-        <sample language="ruby">
-def good(input)
-    raise "Bad input" unless input =~ /\A[0-9]+\z/
-
-    # ....
-end
-        </sample>
+        <sample src="examples/missing_full_anchor_good.rb" />
 
 	</example>
 
 	<references>
         <li>
-            RDoc Documentation: <a href="https://ruby-doc.org/3.2.0/Regexp.html#class-Regexp-label-Anchors">Anchors</a>
+            Ruby documentation: <a href="https://ruby-doc.org/3.2.0/Regexp.html#class-Regexp-label-Anchors">Anchors</a>
         </li>
 	</references>
 </qhelp>
diff --git a/ruby/ql/src/queries/security/cwe-020/examples/missing_full_anchor_bad.rb b/ruby/ql/src/queries/security/cwe-020/examples/missing_full_anchor_bad.rb
@@ -0,0 +1,5 @@
+def bad(input) 
+    raise "Bad input" unless input =~ /^[0-9]+$/
+
+    # ....
+end
diff --git a/ruby/ql/src/queries/security/cwe-020/examples/missing_full_anchor_good.rb b/ruby/ql/src/queries/security/cwe-020/examples/missing_full_anchor_good.rb
@@ -0,0 +1,5 @@
+def good(input)
+    raise "Bad input" unless input =~ /\A[0-9]+\z/
+
+    # ....
+end

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +def bad(input)
 +    raise "Bad input" unless input =~ /^[0-9]+$/
++
 +    # ....
 +end