@michaelnebel

This is a follow-up of #10444.
There is flow from "taint" to the field named field on the post-update node for x in the call to taint_field.

def taint_field x
  x.field = "taint"
end

taint_field(y = x)
sink(x.field)

@michaelnebel michaelnebel force-pushed the ruby/postupdateassignexpr branch from cd5ca66 to dd0f19d Compare September 29, 2022 12:12
@michaelnebel michaelnebel marked this pull request as ready for review September 29, 2022 12:33
@michaelnebel michaelnebel requested a review from a team as a code owner September 29, 2022 12:33
@michaelnebel michaelnebel added the no-change-note-required This PR does not need a change note label Sep 29, 2022

@hvitved hvitved left a comment

Thanks, LGTM. Let's see what DCA says.

@michaelnebel

DCA doesn't show any change in alerts or any signs of performance regressions.

@michaelnebel michaelnebel merged commit 82294c1 into github:main Sep 30, 2022
@michaelnebel michaelnebel deleted the ruby/postupdateassignexpr branch September 30, 2022 08:00