Ruby: add some captured-variable flow tests

Author: asgerf

ruby/ql/test/library-tests/dataflow/global/Flow.expected

@@ -1,5 +1,17 @@
 failures
 edges
+| captured_variables.rb:1:24:1:24 | x :  | captured_variables.rb:2:20:2:20 | x |
+| captured_variables.rb:1:24:1:24 | x :  | captured_variables.rb:2:20:2:20 | x |
+| captured_variables.rb:5:20:5:30 | call to source :  | captured_variables.rb:1:24:1:24 | x :  |
+| captured_variables.rb:5:20:5:30 | call to source :  | captured_variables.rb:1:24:1:24 | x :  |
+| captured_variables.rb:21:33:21:33 | x :  | captured_variables.rb:23:14:23:14 | x |
+| captured_variables.rb:21:33:21:33 | x :  | captured_variables.rb:23:14:23:14 | x |
+| captured_variables.rb:27:29:27:39 | call to source :  | captured_variables.rb:21:33:21:33 | x :  |
+| captured_variables.rb:27:29:27:39 | call to source :  | captured_variables.rb:21:33:21:33 | x :  |
+| captured_variables.rb:32:31:32:31 | x :  | captured_variables.rb:34:14:34:14 | x |
+| captured_variables.rb:32:31:32:31 | x :  | captured_variables.rb:34:14:34:14 | x |
+| captured_variables.rb:38:27:38:37 | call to source :  | captured_variables.rb:32:31:32:31 | x :  |
+| captured_variables.rb:38:27:38:37 | call to source :  | captured_variables.rb:32:31:32:31 | x :  |
 | instance_variables.rb:10:19:10:19 | x :  | instance_variables.rb:11:18:11:18 | x :  |
 | instance_variables.rb:10:19:10:19 | x :  | instance_variables.rb:11:18:11:18 | x :  |
 | instance_variables.rb:11:18:11:18 | x :  | instance_variables.rb:11:9:11:14 | [post] self [@field] :  |
@@ -152,6 +164,24 @@ edges
 | instance_variables.rb:84:6:84:10 | foo13 [@field] :  | instance_variables.rb:84:6:84:20 | call to get_field |
 | instance_variables.rb:84:6:84:10 | foo13 [@field] :  | instance_variables.rb:84:6:84:20 | call to get_field |
 nodes
+| captured_variables.rb:1:24:1:24 | x :  | semmle.label | x :  |
+| captured_variables.rb:1:24:1:24 | x :  | semmle.label | x :  |
+| captured_variables.rb:2:20:2:20 | x | semmle.label | x |
+| captured_variables.rb:2:20:2:20 | x | semmle.label | x |
+| captured_variables.rb:5:20:5:30 | call to source :  | semmle.label | call to source :  |
+| captured_variables.rb:5:20:5:30 | call to source :  | semmle.label | call to source :  |
+| captured_variables.rb:21:33:21:33 | x :  | semmle.label | x :  |
+| captured_variables.rb:21:33:21:33 | x :  | semmle.label | x :  |
+| captured_variables.rb:23:14:23:14 | x | semmle.label | x |
+| captured_variables.rb:23:14:23:14 | x | semmle.label | x |
+| captured_variables.rb:27:29:27:39 | call to source :  | semmle.label | call to source :  |
+| captured_variables.rb:27:29:27:39 | call to source :  | semmle.label | call to source :  |
+| captured_variables.rb:32:31:32:31 | x :  | semmle.label | x :  |
+| captured_variables.rb:32:31:32:31 | x :  | semmle.label | x :  |
+| captured_variables.rb:34:14:34:14 | x | semmle.label | x |
+| captured_variables.rb:34:14:34:14 | x | semmle.label | x |
+| captured_variables.rb:38:27:38:37 | call to source :  | semmle.label | call to source :  |
+| captured_variables.rb:38:27:38:37 | call to source :  | semmle.label | call to source :  |
 | instance_variables.rb:10:19:10:19 | x :  | semmle.label | x :  |
 | instance_variables.rb:10:19:10:19 | x :  | semmle.label | x :  |
 | instance_variables.rb:11:9:11:14 | [post] self [@field] :  | semmle.label | [post] self [@field] :  |
@@ -335,6 +365,9 @@ subpaths
 | instance_variables.rb:84:6:84:10 | foo13 [@field] :  | instance_variables.rb:13:5:15:7 | self in get_field [@field] :  | instance_variables.rb:14:9:14:21 | return :  | instance_variables.rb:84:6:84:20 | call to get_field |
 | instance_variables.rb:84:6:84:10 | foo13 [@field] :  | instance_variables.rb:13:5:15:7 | self in get_field [@field] :  | instance_variables.rb:14:9:14:21 | return :  | instance_variables.rb:84:6:84:20 | call to get_field |
 #select
+| captured_variables.rb:2:20:2:20 | x | captured_variables.rb:5:20:5:30 | call to source :  | captured_variables.rb:2:20:2:20 | x | $@ | captured_variables.rb:5:20:5:30 | call to source :  | call to source :  |
+| captured_variables.rb:23:14:23:14 | x | captured_variables.rb:27:29:27:39 | call to source :  | captured_variables.rb:23:14:23:14 | x | $@ | captured_variables.rb:27:29:27:39 | call to source :  | call to source :  |
+| captured_variables.rb:34:14:34:14 | x | captured_variables.rb:38:27:38:37 | call to source :  | captured_variables.rb:34:14:34:14 | x | $@ | captured_variables.rb:38:27:38:37 | call to source :  | call to source :  |
 | instance_variables.rb:20:10:20:13 | @foo | instance_variables.rb:19:12:19:21 | call to taint :  | instance_variables.rb:20:10:20:13 | @foo | $@ | instance_variables.rb:19:12:19:21 | call to taint :  | call to taint :  |
 | instance_variables.rb:25:6:25:18 | call to get_field | instance_variables.rb:24:15:24:23 | call to taint :  | instance_variables.rb:25:6:25:18 | call to get_field | $@ | instance_variables.rb:24:15:24:23 | call to taint :  | call to taint :  |
 | instance_variables.rb:29:6:29:18 | call to inc_field | instance_variables.rb:28:15:28:22 | call to taint :  | instance_variables.rb:29:6:29:18 | call to inc_field | $@ | instance_variables.rb:28:15:28:22 | call to taint :  | call to taint :  |

ruby/ql/test/library-tests/dataflow/global/captured_variables.rb

@@ -0,0 +1,38 @@
+def capture_local_call x
+    fn = -> { sink(x) } # $ hasValueFlow=1.1
+    fn.call
+end
+capture_local_call source(1.1)
+
+def capture_escape_return1 x
+    -> {
+        sink(x) # $ MISSING: hasValueFlow=1.2
+    }
+end
+(capture_escape_return1 source(1.2)).call
+
+def capture_escape_return2 x
+    -> {
+        sink(x) # $ MISSING: hasValueFlow=1.3
+    }
+end
+Something.unknownMethod(capture_escape_return2 source(1.3))
+
+def capture_escape_unknown_call x
+    fn = -> {
+        sink(x) # $ hasValueFlow=1.4
+    }
+    Something.unknownMethod(fn)
+end
+capture_escape_unknown_call source(1.4)
+
+def call_it fn
+    fn.call
+end
+def capture_escape_known_call x
+    fn = -> {
+        sink(x) # $ hasValueFlow=1.5
+    }
+    call_it fn
+end
+capture_escape_known_call source(1.5)