ruby: add Rack::ResponseNode class

Author: alexrford

ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll

@@ -1279,13 +1279,18 @@ class HashLiteralNode extends LocalSourceNode, ExprNode {
  * into calls to `Array.[]`, so this includes both desugared calls as well as
  * explicit calls.
  */
-class ArrayLiteralNode extends LocalSourceNode, ExprNode {
-  ArrayLiteralNode() { super.getExprNode() instanceof CfgNodes::ExprNodes::ArrayLiteralCfgNode }
+class ArrayLiteralNode extends LocalSourceNode, CallNode {
+  private CfgNodes::ExprNodes::ArrayLiteralCfgNode arrayNode;
+
+  ArrayLiteralNode() { super.getExprNode() = arrayNode }
 
   /**
    * Gets an element of the array.
    */
-  Node getAnElement() { result = this.(CallNode).getPositionalArgument(_) }
+  Node getAnElement() { result = this.getElement(_) }
+
+  /** Gets the `i`th element of the array. */
+  Node getElement(int i) { result = this.getPositionalArgument(i) }
 }
 
 /**

ruby/ql/lib/codeql/ruby/frameworks/Rack.qll

@@ -30,14 +30,14 @@ module Rack {
     DataFlow::ParameterNode getEnv() { result = call.getParameter(0) }
   }
 
-  private predicate isRackResponse(DataFlow::Node r) {
+  class ResponseNode extends DataFlow::ArrayLiteralNode {
     // [status, headers, body]
-    r.asExpr().(ArrayLiteralCfgNode).getNumberOfArguments() = 3
+    ResponseNode() { this.getNumberOfArguments() = 3 }
   }
 
   private DataFlow::LocalSourceNode trackRackResponse(TypeTracker t) {
     t.start() and
-    isRackResponse(result)
+    result instanceof ResponseNode
     or
     exists(TypeTracker t2 | result = trackRackResponse(t2).track(t2, t))
   }