Ruby: port queries to ConfigSig-style

2023-10-11 10:06:19 +02:00 · 2023-10-11 10:06:19 +02:00 · 89bd00a4ec
--- a/ruby/ql/lib/codeql/ruby/security/HttpToFileAccessQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/HttpToFileAccessQuery.qll
@ -11,7 +11,23 @@ private import HttpToFileAccessCustomizations::HttpToFileAccess
 /**
 * A taint tracking configuration for writing user-controlled data to files.
 */
-class Configuration extends TaintTracking::Configuration {
+module HttpToFileAccessConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof Source }
+
+  predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+
+  predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+}
+
+/**
+ * Taint tracking for writing user-controlled data to files.
+ */
+module HttpToFileAccessFlow = TaintTracking::Global<HttpToFileAccessConfig>;
+
+/**
+ * DEPRECATED. Use the `HttpToFileAccessFlow` module instead.
+ */
+deprecated class Configuration extends TaintTracking::Configuration {
  Configuration() { this = "HttpToFileAccess" }

  override predicate isSource(DataFlow::Node source) { source instanceof Source }
--- a/ruby/ql/lib/codeql/ruby/security/TaintedFormatStringQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/TaintedFormatStringQuery.qll
@ -13,7 +13,23 @@ private import TaintedFormatStringCustomizations::TaintedFormatString
 /**
 * A taint-tracking configuration for format injections.
 */
-class Configuration extends TaintTracking::Configuration {
+module TaintedFormatStringConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof Source }
+
+  predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+
+  predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+}
+
+/**
+ * Taint-tracking for format injections.
+ */
+module TaintedFormatStringFlow = TaintTracking::Global<TaintedFormatStringConfig>;
+
+/**
+ * DEPRECATED. Use the `TaintedFormatStringFlow` module instead.
+ */
+deprecated class Configuration extends TaintTracking::Configuration {
  Configuration() { this = "TaintedFormatString" }

  override predicate isSource(DataFlow::Node source) { source instanceof Source }
--- a/ruby/ql/src/queries/security/cwe-134/TaintedFormatString.ql
+++ b/ruby/ql/src/queries/security/cwe-134/TaintedFormatString.ql
@ -13,9 +13,9 @@
 import codeql.ruby.AST
 import codeql.ruby.DataFlow
 import codeql.ruby.security.TaintedFormatStringQuery
-import DataFlow::PathGraph
+import TaintedFormatStringFlow::PathGraph

-from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
-where cfg.hasFlowPath(source, sink)
+from TaintedFormatStringFlow::PathNode source, TaintedFormatStringFlow::PathNode sink
+where TaintedFormatStringFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Format string depends on a $@.", source.getNode(),
  "user-provided value"
--- a/ruby/ql/src/queries/security/cwe-912/HttpToFileAccess.ql
+++ b/ruby/ql/src/queries/security/cwe-912/HttpToFileAccess.ql
@ -13,10 +13,10 @@

 import codeql.ruby.AST
 import codeql.ruby.DataFlow
-import codeql.ruby.DataFlow::DataFlow::PathGraph
 import codeql.ruby.security.HttpToFileAccessQuery
+import HttpToFileAccessFlow::PathGraph

-from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
-where cfg.hasFlowPath(source, sink)
+from HttpToFileAccessFlow::PathNode source, HttpToFileAccessFlow::PathNode sink
+where HttpToFileAccessFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Write to file system depends on $@.", source.getNode(),
  "untrusted data"