semgrep / pfff

pfff is mainly an OCaml API to write static analysis, dynamic analysis, code visualizations, code navigations, or style-preserving source-to-source transformations such as refactorings on source code.
https://semgrep.dev

ruby: Fix translation of foo[:bar] #568

Closed IagoAbal closed 2 years ago

IagoAbal commented 2 years ago

It was translated as `foo.](bar)`, where `foo.]` had the same range as `foo[:bar]` itself. This caused problems with taint-mode and field sensitivity. If `foo[:bar]` is tainted then `foo.]` is tainted by side-effect, and then `foo[:other]` ends up being tainted too.

We now translate it as `foo.[(bar)` instead: we use the `[` and `]` tokens instead of the fake `(` and `)` ones, so the range of the Call node is the correct one.

Helps PA-2087

Test plan: dump the AST of `foo[:bar]` and check it.
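As an added illustration of the mechanism described in the PR (this is a constructed Python model, not pfff or Semgrep code, and the node kinds, the range-keyed taint marking and the `foo.bar` lval naming are simplifying assumptions), the following script builds both translations of `foo[:bar]` and shows that only the old one, whose callee `foo.]` covers the whole expression, lets taint on `foo[:bar]` spill over to `foo[:other]`.

```python
# Constructed model (not pfff/semgrep code) of the bug this PR fixes.
# A Ruby index expression recv[:key] is lowered to a Call node whose callee
# is a field access. A range-keyed taint engine that taints every sub-node
# sharing the tainted expression's source range will also taint that callee
# if the callee spans the whole expression, and every other recv[...] then
# shares the same tainted callee name.

from dataclasses import dataclass
from typing import Set, Tuple


@dataclass(frozen=True)
class Node:
    kind: str                          # "Call", "Field", "Name" or "Sym" (assumed node kinds)
    text: str                          # source text covered by the node
    start: int                         # offset of the first character
    end: int                           # offset one past the last character
    children: Tuple["Node", ...] = ()

    @property
    def range(self) -> Tuple[int, int]:
        return (self.start, self.end)


def translate_index(expr: str, base: int, fixed: bool) -> Node:
    """Translate `recv[:key]` located at offset `base` into a Call node.

    fixed=False models the old translation recv.](key): the callee `recv.]`
    is given the range of the whole expression.
    fixed=True models the new translation recv.[(key): the callee `recv.[`
    ends at the real `[` token, so its range stops before the key.
    """
    recv, rest = expr.split("[", 1)
    key = rest[:-1]                                  # drop the closing ']'
    assert key.startswith(":"), "model only handles symbol keys"
    recv_node = Node("Name", recv, base, base + len(recv))
    key_start = base + len(recv) + 1
    key_node = Node("Sym", key, key_start, key_start + len(key))
    if fixed:
        callee = Node("Field", recv + ".[", base, base + len(recv) + 1, (recv_node,))
    else:
        callee = Node("Field", recv + ".]", base, base + len(expr), (recv_node,))
    return Node("Call", expr, base, base + len(expr), (callee, key_node))


def walk(node: Node):
    yield node
    for child in node.children:
        yield from walk(child)


def lval_key(call: Node) -> str:
    """Field-sensitive name of an index access, e.g. foo[:bar] -> 'foo.bar' (assumed scheme)."""
    callee, key = call.children
    return f"{callee.children[0].text}.{key.text[1:]}"


def mark_tainted(expr_node: Node, tainted: Set[str]) -> None:
    """Taint the lval denoted by `expr_node` and, by side effect, every field
    access sub-node that has exactly the same source range (the assumed
    range-keyed behaviour the PR describes)."""
    tainted.add(lval_key(expr_node))
    for n in walk(expr_node):
        if n.kind == "Field" and n.range == expr_node.range:
            tainted.add(n.text)


def is_tainted(expr_node: Node, tainted: Set[str]) -> bool:
    """An index access is tainted if its own lval is, or if it reads a tainted field."""
    if lval_key(expr_node) in tainted:
        return True
    return any(n.kind == "Field" and n.text in tainted for n in walk(expr_node))


def leaks_to_other_key(fixed: bool) -> bool:
    """Return True when tainting foo[:bar] also makes foo[:other] tainted."""
    tainted: Set[str] = set()
    bar = translate_index("foo[:bar]", base=0, fixed=fixed)
    mark_tainted(bar, tainted)
    other = translate_index("foo[:other]", base=100, fixed=fixed)   # a later occurrence
    return is_tainted(other, tainted)


if __name__ == "__main__":
    print("old translation leaks taint to foo[:other]:", leaks_to_other_key(fixed=False))
    print("new translation leaks taint to foo[:other]:", leaks_to_other_key(fixed=True))
```

With the old lowering the callee node `foo.]` has range `(0, 9)`, identical to the Call, so it is swept up when `foo[:bar]` is marked and every later `foo[...]` (which is also lowered to a call on `foo.]`) reads a tainted field. With the new lowering the callee `foo.[` stops at offset 4, its range no longer coincides with the Call's, and `foo[:other]` stays clean.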


linear[bot] commented 2 years ago
PA-2087 ruby: Fix suboptimal translation of `foo[:bar]`

It's translated as `foo.](bar)` where `foo.]` has the same range as `foo[:bar]` itself; this causes problems with taint-mode and field sensitivity. If `foo[:bar]` is tainted then `foo.]` is tainted by side-effect, and `foo[:other]` ends up being tainted too.