
Commit eb34bbb

committed
Ruby: renames for rb/ldap-injection
1 parent d46eceb commit eb34bbb

2 files changed

Lines changed: 22 additions & 17 deletions


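--- a/ruby/ql/lib/codeql/ruby/security/LdapInjectionQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/LdapInjectionQuery.qll
@@ -5,25 +5,30 @@
 
 private import codeql.ruby.DataFlow
 private import codeql.ruby.TaintTracking
+private import LdapInjectionCustomizations::LdapInjection as LI
 
-/** Provides a taint-tracking configuration for detecting LDAP Injections vulnerabilities. */
-module LdapInjection {
+/**
+* Provides a taint-tracking configuration for detecting LDAP Injections vulnerabilities.
+* DEPRECATED: Use `LdapInjectionFlow` instead
+*/
+deprecated module LdapInjection {
 import LdapInjectionCustomizations::LdapInjection
+import TaintTracking::Global<LdapInjectionConfig>
+}
 
-/**
-* A taint-tracking configuration for detecting LDAP Injections vulnerabilities.
-*/
-private module Config implements DataFlow::ConfigSig {
-predicate isSource(DataFlow::Node source) { source instanceof Source }
+private module LdapInjectionConfig implements DataFlow::ConfigSig {
+predicate isSource(DataFlow::Node source) { source instanceof LI::Source }
 
-predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+predicate isSink(DataFlow::Node sink) { sink instanceof LI::Sink }
 
-predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+predicate isBarrier(DataFlow::Node node) { node instanceof LI::Sanitizer }
 
-predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-LdapInjection::isAdditionalFlowStep(node1, node2)
-}
+predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
+LI::isAdditionalFlowStep(node1, node2)
 }
-
-import TaintTracking::Global<Config>
 }
+
+/**
+* Taint-tracking for detecting LDAP Injections vulnerabilities.
+*/
+module LdapInjectionFlow = TaintTracking::Global<LdapInjectionConfig>;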
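Review bot: The deprecation note on `LdapInjection` names only `LdapInjectionFlow` as the replacement, but the deprecated module also re-exports `LdapInjectionCustomizations::LdapInjection` (the `import` kept as context on new line 15), and the new alias exposes only the `TaintTracking::Global` instantiation. Anyone who reached `Source`, `Sink` or `Sanitizer` through this file to extend the query gets no pointer to where those classes now live; whether such callers exist cannot be seen from this page. I would word the QLDoc as ``* DEPRECATED: Use `LdapInjectionFlow` for flow; `Source`, `Sink` and `Sanitizer` remain in `LdapInjectionCustomizations::LdapInjection`.`` The renamed `LdapInjectionConfig` also lost the QLDoc that `Config` carried, so a one-line `/** A taint-tracking configuration for detecting LDAP injection vulnerabilities. */` above it would keep the config self-describing.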

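--- a/ruby/ql/src/experimental/ldap-injection/LdapInjection.ql
+++ b/ruby/ql/src/experimental/ldap-injection/LdapInjection.ql
@@ -13,9 +13,9 @@
 
 import codeql.ruby.DataFlow
 import codeql.ruby.security.LdapInjectionQuery
-import LdapInjection::PathGraph
+import LdapInjectionFlow::PathGraph
 
-from LdapInjection::PathNode source, LdapInjection::PathNode sink
-where LdapInjection::flowPath(source, sink)
+from LdapInjectionFlow::PathNode source, LdapInjectionFlow::PathNode sink
+where LdapInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "This LDAP query depends on a $@.", source.getNode(),
 "user-provided value"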
