
Commit 8ad6c72

committed
Ruby: configsig rb/unsafe-deserialization
1 parent 461bc0d commit 8ad6c72


2 files changed

+19
-5
lines changed

2 files changed

+19
-5
lines changed

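--- a/ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationQuery.qll
@@ -2,7 +2,7 @@
 * Provides a taint-tracking configuration for reasoning about unsafe deserialization.
 *
 * Note, for performance reasons: only import this file if
-* `UnsafeDeserialization::Configuration` is needed, otherwise
+* `UnsafeDeserializationFlow` is needed, otherwise
 * `UnsafeDeserializationCustomizations` should be imported instead.
 */
 
@@ -13,8 +13,9 @@ import UnsafeDeserializationCustomizations
 
 /**
 * A taint-tracking configuration for reasoning about unsafe deserialization.
+* DEPRECATED: Use `UnsafeDeserializationFlow`
 */
-class Configuration extends TaintTracking::Configuration {
+deprecated class Configuration extends TaintTracking::Configuration {
 Configuration() { this = "UnsafeDeserialization" }
 
 override predicate isSource(DataFlow::Node source) {
@@ -28,3 +29,16 @@ class Configuration extends TaintTracking::Configuration {
 node instanceof UnsafeDeserialization::Sanitizer
 }
 }
+
+private module UnsafeDeserializationConfig implements DataFlow::ConfigSig {
+predicate isSource(DataFlow::Node source) { source instanceof UnsafeDeserialization::Source }
+
+predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeDeserialization::Sink }
+
+predicate isBarrier(DataFlow::Node node) { node instanceof UnsafeDeserialization::Sanitizer }
+}
+
+/**
+* Taint-tracking for reasoning about unsafe deserialization.
+*/
+module UnsafeCodeConstructionFlow = TaintTracking::Global<UnsafeDeserializationConfig>;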
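Review bot: The module alias on the last added line is named `UnsafeCodeConstructionFlow`, but the updated file header (new line 5) and the deprecation notice on `Configuration` both point users to `UnsafeDeserializationFlow`, which is not defined in any visible hunk. The name looks carried over from the code-construction query, so the documented migration target does not resolve, and the alias may collide with a same-named module if a query imports both libraries. I would rename it to `module UnsafeDeserializationFlow = TaintTracking::Global<UnsafeDeserializationConfig>;` and update the `UnsafeCodeConstructionFlow::` references on the `import`, `from` and `where` lines of `UnsafeDeserialization.ql` to match. The source, sink and barrier predicates map one-to-one onto the `Source`, `Sink` and `Sanitizer` classes that the shown lines of the deprecated class reference, so only the name needs to change.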

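--- a/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql
+++ b/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql
@@ -13,9 +13,9 @@
 
 import ruby
 import codeql.ruby.security.UnsafeDeserializationQuery
-import DataFlow::PathGraph
+import UnsafeCodeConstructionFlow::PathGraph
 
-from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
-where cfg.hasFlowPath(source, sink)
+from UnsafeCodeConstructionFlow::PathNode source, UnsafeCodeConstructionFlow::PathNode sink
+where UnsafeCodeConstructionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Unsafe deserialization depends on a $@.", source.getNode(),
 source.getNode().(UnsafeDeserialization::Source).describe()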
