Skip to content

Commit 7d68f6a

Browse files
Sim4n6Sim4n6
committed
added ActiveSupport::Multibyte::Chars normalize() sink
1 parent d772bb2 commit 7d68f6a

File tree

1 file changed

+12
-0
lines changed

1 file changed

+12
-0
lines changed

ruby/ql/lib/codeql/ruby/experimental/UnicodeBypassValidationQuery.qll

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -105,6 +105,18 @@ class Configuration extends TaintTracking::Configuration {
105105
mac = API::getTopLevelMember("UNF").getMember("Normalizer").getMethod("normalize") and
106106
sink = mac.getParameter(0).asSink()
107107
)
108+
or
109+
// ActiveSupport::Multibyte::Chars
110+
exists(DataFlow::CallNode cn, DataFlow::CallNode n |
111+
cn =
112+
API::getTopLevelMember("ActiveSupport")
113+
.getMember("Multibyte")
114+
.getMember("Chars")
115+
.getMethod("new")
116+
.getCallNode() and
117+
n = cn.(DataFlow::CallNode).getAMethodCall("normalize") and
118+
sink = cn.getArgument(0)
119+
)
108120
) and
109121
state instanceof PostValidation
110122
}

0 commit comments

Comments
 (0)