Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ruby] Re-implemented "Ignore "Throwaway" AST Structures (#4982)" #4985

Merged
merged 2 commits into from
Oct 2, 2024
Merged

[ruby] Re-implemented "Ignore "Throwaway" AST Structures (#4982)" #4985

merged 2 commits into from
Oct 2, 2024

Conversation

DavidBakerEffendi
Copy link
Collaborator

This correctly prevents re-use of nodes that are already being used elsewhere by ensuring deep copies.

@DavidBakerEffendi
Revert "Revert "[ruby] Ignore "Throwaway" AST Structures (#4982)" (#4983
8df04c0 
)"

This reverts commit 464480d.
@DavidBakerEffendi
[ruby] Re-implemented "Ignore "Throwaway" AST Structures (#4982)"
13caf05 
This correctly prevents re-use of nodes that are already being used elsewhere by ensuring deep copies.
@DavidBakerEffendi DavidBakerEffendi added the ruby Relates to rubysrc2cpg label Oct 2, 2024
@DavidBakerEffendi DavidBakerEffendi self-assigned this Oct 2, 2024
@DavidBakerEffendi DavidBakerEffendi merged commit 115e65c into master Oct 2, 2024
5 checks passed
@DavidBakerEffendi DavidBakerEffendi deleted the dave/ruby/duplicate-type-ref-round-2 branch October 2, 2024 12:27
@maltek
Copy link
Contributor

maltek commented Oct 2, 2024

@DavidBakerEffendi with this PR, some lambda references seem to get mixed up:

for this file https://github.com/OWASP/railsgoat/blob/c1e8ff1e3b24a1c48fcfc9fbee0f65dc296b49d9/config/routes.rb

When I query for the lambda referenced in the :dashboard section, I get the lambda from the :pay section instead:

ocular> cpg.call.codeExact("""resources :dashboard do
     |     collection do
     |       get "home"
     |       get "change_graph"
     |     end
     |   end""").argument(2).isTypeRef.typ.referencedTypeDecl.code.l
val res62: List[String] = List(
  """do
      collection do
        post "update_dd_info"
        post "decrypted_bank_acct_num"
      end
    end"""
)

@DavidBakerEffendi
Copy link
Collaborator Author

@maltek alright will have to revisit how I match "live" lambdas to references without regenerating said lambdas and duplicating them

@DavidBakerEffendi
Copy link
Collaborator Author

@maltek Found the issue, RubyExpression nodes don't inherently consider the span in the calculation of its hash, so when put into any hashed context, nodes that only rely on span collide. A fix to come

@DavidBakerEffendi
Copy link
Collaborator Author

Fix: #4986

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AndreiDreyer AndreiDreyer AndreiDreyer approved these changes

Assignees

@DavidBakerEffendi DavidBakerEffendi

Labels
ruby Relates to rubysrc2cpg
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@DavidBakerEffendi @maltek @AndreiDreyer