1 | | - | // rule openssl_dsa_init |
2 | | - | .decl Rule_Match_openssl_dsa_init_0(node: AST_NodeId) |
3 | | - | .output Rule_Match_openssl_dsa_init_0 |
4 | | - | Rule_Match_openssl_dsa_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "OpenSSL"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "PKey"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "DSA"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
5 | | - | // rule ruby_lang_exec_using_user_input_shell_cmd_proc |
6 | | - | .decl Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_0(node: AST_NodeId, node2: AST_NodeId) |
7 | | - | .output Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_0 |
8 | | - | Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "command_processor"). |
9 | | - | .decl Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_1(node: AST_NodeId) |
10 | | - | .output Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_1 |
11 | | - | Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Shell"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "CommandProcessor"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
12 | 1 | | // rule ruby_third_parties_scout_apm |
13 | 2 | | .decl Rule_Match_ruby_third_parties_scout_apm_0(node: AST_NodeId, node7: AST_NodeId) |
14 | 3 | | .output Rule_Match_ruby_third_parties_scout_apm_0 |
| skipped 1 lines |
16 | 5 | | .decl Rule_Match_ruby_third_parties_scout_apm_1(node: AST_NodeId, node7: AST_NodeId) |
17 | 6 | | .output Rule_Match_ruby_third_parties_scout_apm_1 |
18 | 7 | | Rule_Match_ruby_third_parties_scout_apm_1(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "ScoutApm"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Context"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "add"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 8 | + | // rule ruby_rails_render_using_user_input_sanitized |
| 9 | + | .decl Rule_Match_ruby_rails_render_using_user_input_sanitized_0(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 10 | + | .output Rule_Match_ruby_rails_render_using_user_input_sanitized_0 |
| 11 | + | Rule_Match_ruby_rails_render_using_user_input_sanitized_0(node1, node2, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 12 | + | // rule google_dataflow_value_classes |
| 13 | + | // rule ruby_lang_http_url_using_user_input_net_http_new |
| 14 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_net_http_new_1(node: AST_NodeId, node5: AST_NodeId) |
| 15 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_net_http_new_1 |
| 16 | + | Rule_Match_ruby_lang_http_url_using_user_input_net_http_new_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "HTTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, _), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 17 | + | // rule ruby_third_parties_open_telemetry |
| 18 | + | .decl Rule_Match_ruby_third_parties_open_telemetry_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 19 | + | .output Rule_Match_ruby_third_parties_open_telemetry_0 |
| 20 | + | Rule_Match_ruby_third_parties_open_telemetry_0(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 21 | + | .decl Rule_Match_ruby_third_parties_open_telemetry_1(node: AST_NodeId, node6: AST_NodeId) |
| 22 | + | .output Rule_Match_ruby_third_parties_open_telemetry_1 |
| 23 | + | Rule_Match_ruby_third_parties_open_telemetry_1(node1, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "in_span"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _), AST_ParentChild(node4, 1, node6), AST_NodeType(node6, _). |
| 24 | + | // rule ruby_third_parties_bigquery_dataset |
| 25 | + | .decl Rule_Match_ruby_third_parties_bigquery_dataset_0(node: AST_NodeId, node2: AST_NodeId) |
| 26 | + | .output Rule_Match_ruby_third_parties_bigquery_dataset_0 |
| 27 | + | Rule_Match_ruby_third_parties_bigquery_dataset_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "dataset"). |
| 28 | + | // rule ruby_rails_insecure_smtp |
| 29 | + | // rule ruby_rails_insecure_communication |
| 30 | + | // rule ruby_lang_path_using_user_input |
| 31 | + | .decl Rule_Match_ruby_lang_path_using_user_input_0(node: AST_NodeId, node3: AST_NodeId) |
| 32 | + | .output Rule_Match_ruby_lang_path_using_user_input_0 |
| 33 | + | Rule_Match_ruby_lang_path_using_user_input_0(node1, node3) :- AST_NodeType(node1, "element_reference"), AST_NodeField(node1, node2, "object"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Dir"), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _). |
| 34 | + | .decl Rule_Match_ruby_lang_path_using_user_input_1(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 35 | + | .output Rule_Match_ruby_lang_path_using_user_input_1 |
| 36 | + | Rule_Match_ruby_lang_path_using_user_input_1(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 37 | + | .decl Rule_Match_ruby_lang_path_using_user_input_2(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 38 | + | .output Rule_Match_ruby_lang_path_using_user_input_2 |
| 39 | + | Rule_Match_ruby_lang_path_using_user_input_2(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "IO"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 40 | + | .decl Rule_Match_ruby_lang_path_using_user_input_3(node: AST_NodeId, node5: AST_NodeId) |
| 41 | + | .output Rule_Match_ruby_lang_path_using_user_input_3 |
| 42 | + | Rule_Match_ruby_lang_path_using_user_input_3(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Kernel"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "open"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 43 | + | .decl Rule_Match_ruby_lang_path_using_user_input_4(node: AST_NodeId, node4: AST_NodeId) |
| 44 | + | .output Rule_Match_ruby_lang_path_using_user_input_4 |
| 45 | + | Rule_Match_ruby_lang_path_using_user_input_4(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "open"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 46 | + | .decl Rule_Match_ruby_lang_path_using_user_input_5(node: AST_NodeId, node5: AST_NodeId) |
| 47 | + | .output Rule_Match_ruby_lang_path_using_user_input_5 |
| 48 | + | Rule_Match_ruby_lang_path_using_user_input_5(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "PStore"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 49 | + | .decl Rule_Match_ruby_lang_path_using_user_input_6(node: AST_NodeId, node5: AST_NodeId, node7: AST_NodeId) |
| 50 | + | .output Rule_Match_ruby_lang_path_using_user_input_6 |
| 51 | + | Rule_Match_ruby_lang_path_using_user_input_6(node1, node5, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Gem"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Util"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, _), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 52 | + | .decl Rule_Match_ruby_lang_path_using_user_input_7(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 53 | + | .output Rule_Match_ruby_lang_path_using_user_input_7 |
| 54 | + | Rule_Match_ruby_lang_path_using_user_input_7(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 55 | + | .decl Rule_Match_ruby_lang_path_using_user_input_8(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 56 | + | .output Rule_Match_ruby_lang_path_using_user_input_8 |
| 57 | + | Rule_Match_ruby_lang_path_using_user_input_8(node1, node2, node4) :- AST_NodeType(node1, "binary"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "operator"), AST_NodeType(node3, "+"), AST_NodeField(node1, node4, "right"), AST_NodeType(node4, _). |
| 58 | + | .decl Rule_Match_ruby_lang_path_using_user_input_9(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 59 | + | .output Rule_Match_ruby_lang_path_using_user_input_9 |
| 60 | + | Rule_Match_ruby_lang_path_using_user_input_9(node1, node2, node4) :- AST_NodeType(node1, "binary"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "operator"), AST_NodeType(node3, "/"), AST_NodeField(node1, node4, "right"), AST_NodeType(node4, _). |
| 61 | + | .decl Rule_Match_ruby_lang_path_using_user_input_10(node: AST_NodeId, node5: AST_NodeId) |
| 62 | + | .output Rule_Match_ruby_lang_path_using_user_input_10 |
| 63 | + | Rule_Match_ruby_lang_path_using_user_input_10(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Shell"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "cd"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 64 | + | .decl Rule_Match_ruby_lang_path_using_user_input_11(node: AST_NodeId, node5: AST_NodeId) |
| 65 | + | .output Rule_Match_ruby_lang_path_using_user_input_11 |
| 66 | + | Rule_Match_ruby_lang_path_using_user_input_11(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Shell"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 67 | + | .decl Rule_Match_ruby_lang_path_using_user_input_12(node: AST_NodeId, node5: AST_NodeId) |
| 68 | + | .output Rule_Match_ruby_lang_path_using_user_input_12 |
| 69 | + | Rule_Match_ruby_lang_path_using_user_input_12(node1, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Shell"), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "default_system_path"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
| 70 | + | .decl Rule_Match_ruby_lang_path_using_user_input_13(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 71 | + | .output Rule_Match_ruby_lang_path_using_user_input_13 |
| 72 | + | Rule_Match_ruby_lang_path_using_user_input_13(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 73 | + | .decl Rule_Match_ruby_lang_path_using_user_input_14(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 74 | + | .output Rule_Match_ruby_lang_path_using_user_input_14 |
| 75 | + | Rule_Match_ruby_lang_path_using_user_input_14(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 76 | + | .decl Rule_Match_ruby_lang_path_using_user_input_15(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 77 | + | .output Rule_Match_ruby_lang_path_using_user_input_15 |
| 78 | + | Rule_Match_ruby_lang_path_using_user_input_15(node1, node2, node4) :- AST_NodeType(node1, "element_reference"), AST_NodeField(node1, node2, "object"), AST_NodeType(node2, _), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _), AST_ParentChild(node1, 1, node4), AST_NodeType(node4, _). |
| 79 | + | .decl Rule_Match_ruby_lang_path_using_user_input_16(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 80 | + | .output Rule_Match_ruby_lang_path_using_user_input_16 |
| 81 | + | Rule_Match_ruby_lang_path_using_user_input_16(node1, node2, node5) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "transact"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "do_block"), !AST_NodeField(node4, _, "parameters"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 82 | + | .decl Rule_Match_ruby_lang_path_using_user_input_17(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 83 | + | .output Rule_Match_ruby_lang_path_using_user_input_17 |
| 84 | + | Rule_Match_ruby_lang_path_using_user_input_17(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar1"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar1")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
| 85 | + | .decl Rule_Match_ruby_lang_path_using_user_input_18(node: AST_NodeId, node2: AST_NodeId, node6: AST_NodeId) |
| 86 | + | .output Rule_Match_ruby_lang_path_using_user_input_18 |
| 87 | + | Rule_Match_ruby_lang_path_using_user_input_18(node1, node2, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "hash"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, "pair"), AST_NodeField(node5, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar1"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar1")), AST_NodeField(node5, node6, "value"), AST_NodeType(node6, _). |
| 88 | + | .decl Rule_Match_ruby_lang_path_using_user_input_19(node: AST_NodeId, node4: AST_NodeId) |
| 89 | + | .output Rule_Match_ruby_lang_path_using_user_input_19 |
| 90 | + | Rule_Match_ruby_lang_path_using_user_input_19(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "send_file"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 91 | + | // rule ruby_third_parties_clickhouse_insert_rows |
| 92 | + | // rule ruby_rails_logger |
| 93 | + | .decl Rule_Match_ruby_rails_logger_0(node: AST_NodeId, node5: AST_NodeId, node7: AST_NodeId) |
| 94 | + | .output Rule_Match_ruby_rails_logger_0 |
| 95 | + | Rule_Match_ruby_rails_logger_0(node1, node5, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Rails"), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "logger"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, _), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 96 | + | // rule ruby_third_parties_bigquery_insert_async |
| 97 | + | .decl Rule_Match_ruby_third_parties_bigquery_insert_async_0(node: AST_NodeId, node2: AST_NodeId) |
| 98 | + | .output Rule_Match_ruby_third_parties_bigquery_insert_async_0 |
| 99 | + | Rule_Match_ruby_third_parties_bigquery_insert_async_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "insert_async"). |
| 100 | + | .decl Rule_Match_ruby_third_parties_bigquery_insert_async_1(node: AST_NodeId, node2: AST_NodeId) |
| 101 | + | .output Rule_Match_ruby_third_parties_bigquery_insert_async_1 |
| 102 | + | Rule_Match_ruby_third_parties_bigquery_insert_async_1(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "insert_async"). |
| 103 | + | .decl Rule_Match_ruby_third_parties_bigquery_insert_async_2(node: AST_NodeId, node2: AST_NodeId) |
| 104 | + | .output Rule_Match_ruby_third_parties_bigquery_insert_async_2 |
| 105 | + | Rule_Match_ruby_third_parties_bigquery_insert_async_2(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "insert_async"). |
| 106 | + | // rule openssl_dsa_init |
| 107 | + | .decl Rule_Match_openssl_dsa_init_0(node: AST_NodeId) |
| 108 | + | .output Rule_Match_openssl_dsa_init_0 |
| 109 | + | Rule_Match_openssl_dsa_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "OpenSSL"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "PKey"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "DSA"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
| 110 | + | // rule ruby_lang_http_insecure_curb |
| 111 | + | .decl Rule_Match_ruby_lang_http_insecure_curb_0(node: AST_NodeId) |
| 112 | + | .output Rule_Match_ruby_lang_http_insecure_curb_0 |
| 113 | + | Rule_Match_ruby_lang_http_insecure_curb_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Curl"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Easy"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 114 | + | // rule ruby_third_parties_bigquery_table |
| 115 | + | .decl Rule_Match_ruby_third_parties_bigquery_table_0(node: AST_NodeId, node2: AST_NodeId) |
| 116 | + | .output Rule_Match_ruby_third_parties_bigquery_table_0 |
| 117 | + | Rule_Match_ruby_third_parties_bigquery_table_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "table"). |
| 118 | + | .decl Rule_Match_ruby_third_parties_bigquery_table_1(node: AST_NodeId, node2: AST_NodeId) |
| 119 | + | .output Rule_Match_ruby_third_parties_bigquery_table_1 |
| 120 | + | Rule_Match_ruby_third_parties_bigquery_table_1(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "create_table"). |
| 121 | + | // rule ruby_third_parties_airbrake |
| 122 | + | .decl Rule_Match_ruby_third_parties_airbrake_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 123 | + | .output Rule_Match_ruby_third_parties_airbrake_0 |
| 124 | + | Rule_Match_ruby_third_parties_airbrake_0(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Airbrake"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 125 | + | .decl Rule_Match_ruby_third_parties_airbrake_2(node: AST_NodeId, node5: AST_NodeId) |
| 126 | + | .output Rule_Match_ruby_third_parties_airbrake_2 |
| 127 | + | Rule_Match_ruby_third_parties_airbrake_2(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Airbrake"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "merge_context"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 128 | + | .decl Rule_Match_ruby_third_parties_airbrake_3(node: AST_NodeId, node3: AST_NodeId) |
| 129 | + | .output Rule_Match_ruby_third_parties_airbrake_3 |
| 130 | + | Rule_Match_ruby_third_parties_airbrake_3(node1, node3) :- AST_NodeType(node1, "method"), !AST_NodeField(node1, _, "parameters"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "to_airbrake"), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _). |
19 | 131 | | // rule ruby_third_parties_elasticsearch |
20 | 132 | | .decl Rule_Match_ruby_third_parties_elasticsearch_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node6: AST_NodeId) |
21 | 133 | | .output Rule_Match_ruby_third_parties_elasticsearch_0 |
| skipped 1 lines |
23 | 135 | | .decl Rule_Match_ruby_third_parties_elasticsearch_1(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node7: AST_NodeId) |
24 | 136 | | .output Rule_Match_ruby_third_parties_elasticsearch_1 |
25 | 137 | | Rule_Match_ruby_third_parties_elasticsearch_1(node1, node2, node3, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, "hash"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, "pair"), AST_NodeField(node6, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":body"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "body")), AST_NodeField(node6, node7, "value"), AST_NodeType(node7, _). |
26 | | - | // rule ruby_lang_http_insecure_curb |
27 | | - | .decl Rule_Match_ruby_lang_http_insecure_curb_0(node: AST_NodeId) |
28 | | - | .output Rule_Match_ruby_lang_http_insecure_curb_0 |
29 | | - | Rule_Match_ruby_lang_http_insecure_curb_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Curl"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Easy"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
30 | | - | // rule ruby_lang_reflection_using_user_input_user_input |
31 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_user_input_0(node: AST_NodeId) |
32 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_user_input_0 |
33 | | - | Rule_Match_ruby_lang_reflection_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
34 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_user_input_1(node: AST_NodeId) |
35 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_user_input_1 |
36 | | - | Rule_Match_ruby_lang_reflection_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
37 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_user_input_2(node: AST_NodeId) |
38 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_user_input_2 |
39 | | - | Rule_Match_ruby_lang_reflection_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
40 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_user_input_3(node: AST_NodeId) |
41 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_user_input_3 |
42 | | - | Rule_Match_ruby_lang_reflection_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
43 | | - | // rule google_dataflow_config |
44 | | - | .decl Rule_Match_google_dataflow_config_0(node: AST_NodeId, node2: AST_NodeId) |
45 | | - | .output Rule_Match_google_dataflow_config_0 |
46 | | - | Rule_Match_google_dataflow_config_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "configure"). |
47 | | - | .decl Rule_Match_google_dataflow_config_1(node: AST_NodeId, node2: AST_NodeId) |
48 | | - | .output Rule_Match_google_dataflow_config_1 |
49 | | - | Rule_Match_google_dataflow_config_1(node1, node2) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "configure"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "block"), AST_NodeField(node4, node5, "parameters"), AST_NodeType(node5, "block_parameters"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
50 | | - | // rule ruby_rails_insecure_disabling_of_callback |
51 | | - | .decl Rule_Match_ruby_rails_insecure_disabling_of_callback_0(node: AST_NodeId, node2: AST_NodeId) |
52 | | - | .output Rule_Match_ruby_rails_insecure_disabling_of_callback_0 |
53 | | - | Rule_Match_ruby_rails_insecure_disabling_of_callback_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar1"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar1")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
54 | | - | // rule blowfish_init |
55 | | - | .decl Rule_Match_blowfish_init_0(node: AST_NodeId) |
56 | | - | .output Rule_Match_blowfish_init_0 |
57 | | - | Rule_Match_blowfish_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Crypt"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Blowfish"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
58 | | - | // rule ruby_lang_exec_using_user_input_shell |
59 | | - | .decl Rule_Match_ruby_lang_exec_using_user_input_shell_0(node: AST_NodeId) |
60 | | - | .output Rule_Match_ruby_lang_exec_using_user_input_shell_0 |
61 | | - | Rule_Match_ruby_lang_exec_using_user_input_shell_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Shell"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"). |
62 | | - | // rule ruby_lang_http_insecure_url_hash |
63 | | - | .decl Rule_Match_ruby_lang_http_insecure_url_hash_0(node: AST_NodeId, node3: AST_NodeId) |
64 | | - | .output Rule_Match_ruby_lang_http_insecure_url_hash_0 |
65 | | - | Rule_Match_ruby_lang_http_insecure_url_hash_0(node1, node3) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":url"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "url")), AST_NodeField(node2, node3, "value"), AST_NodeType(node3, _). |
| 138 | + | // rule ruby_lang_deserialization_of_user_input |
| 139 | + | .decl Rule_Match_ruby_lang_deserialization_of_user_input_0(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 140 | + | .output Rule_Match_ruby_lang_deserialization_of_user_input_0 |
| 141 | + | Rule_Match_ruby_lang_deserialization_of_user_input_0(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "load"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 142 | + | .decl Rule_Match_ruby_lang_deserialization_of_user_input_1(node: AST_NodeId, node5: AST_NodeId) |
| 143 | + | .output Rule_Match_ruby_lang_deserialization_of_user_input_1 |
| 144 | + | Rule_Match_ruby_lang_deserialization_of_user_input_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Marshal"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "restore"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 145 | + | .decl Rule_Match_ruby_lang_deserialization_of_user_input_2(node: AST_NodeId, node5: AST_NodeId) |
| 146 | + | .output Rule_Match_ruby_lang_deserialization_of_user_input_2 |
| 147 | + | Rule_Match_ruby_lang_deserialization_of_user_input_2(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Oj"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "object_load"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 148 | + | // rule ruby_rails_session_key_using_user_input_user_input |
| 149 | + | .decl Rule_Match_ruby_rails_session_key_using_user_input_user_input_0(node: AST_NodeId) |
| 150 | + | .output Rule_Match_ruby_rails_session_key_using_user_input_user_input_0 |
| 151 | + | Rule_Match_ruby_rails_session_key_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 152 | + | .decl Rule_Match_ruby_rails_session_key_using_user_input_user_input_1(node: AST_NodeId) |
| 153 | + | .output Rule_Match_ruby_rails_session_key_using_user_input_user_input_1 |
| 154 | + | Rule_Match_ruby_rails_session_key_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 155 | + | .decl Rule_Match_ruby_rails_session_key_using_user_input_user_input_2(node: AST_NodeId) |
| 156 | + | .output Rule_Match_ruby_rails_session_key_using_user_input_user_input_2 |
| 157 | + | Rule_Match_ruby_rails_session_key_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 158 | + | // rule google_dataflow_template_metadata_init |
| 159 | + | // rule ruby_lang_path_using_user_input_shell_cmd_proc |
| 160 | + | .decl Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_0(node: AST_NodeId, node2: AST_NodeId) |
| 161 | + | .output Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_0 |
| 162 | + | Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "command_processor"). |
| 163 | + | .decl Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_1(node: AST_NodeId) |
| 164 | + | .output Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_1 |
| 165 | + | Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Shell"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "CommandProcessor"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 166 | + | // rule ruby_third_parties_bigquery_client |
| 167 | + | .decl Rule_Match_ruby_third_parties_bigquery_client_0(node: AST_NodeId) |
| 168 | + | .output Rule_Match_ruby_third_parties_bigquery_client_0 |
| 169 | + | Rule_Match_ruby_third_parties_bigquery_client_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Bigquery"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
| 170 | + | .decl Rule_Match_ruby_third_parties_bigquery_client_1(node: AST_NodeId) |
| 171 | + | .output Rule_Match_ruby_third_parties_bigquery_client_1 |
| 172 | + | Rule_Match_ruby_third_parties_bigquery_client_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Bigquery"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
66 | 173 | | // rule ruby_lang_weak_encryption_with_data |
67 | 174 | | .decl Rule_Match_ruby_lang_weak_encryption_with_data_0(node: AST_NodeId, node7: AST_NodeId) |
68 | 175 | | .output Rule_Match_ruby_lang_weak_encryption_with_data_0 |
| skipped 22 lines |
91 | 198 | | .decl Rule_Match_ruby_lang_weak_encryption_with_data_8(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
92 | 199 | | .output Rule_Match_ruby_lang_weak_encryption_with_data_8 |
93 | 200 | | Rule_Match_ruby_lang_weak_encryption_with_data_8(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "do_block"), !AST_NodeField(node4, _, "parameters"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
94 | | - | // rule ruby_third_parties_clickhouse |
95 | | - | .decl Rule_Match_ruby_third_parties_clickhouse_0(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
96 | | - | .output Rule_Match_ruby_third_parties_clickhouse_0 |
97 | | - | Rule_Match_ruby_third_parties_clickhouse_0(node1, node2, node4) :- AST_NodeType(node1, "binary"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "operator"), AST_NodeType(node3, "<<"), AST_NodeField(node1, node4, "right"), AST_NodeType(node4, _). |
| 201 | + | // rule ruby_third_parties_rollbar_scope |
| 202 | + | .decl Rule_Match_ruby_third_parties_rollbar_scope_0(node: AST_NodeId) |
| 203 | + | .output Rule_Match_ruby_third_parties_rollbar_scope_0 |
| 204 | + | Rule_Match_ruby_third_parties_rollbar_scope_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rollbar"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "scope"). |
| 205 | + | // rule ruby_lang_eval_using_user_input |
| 206 | + | .decl Rule_Match_ruby_lang_eval_using_user_input_0(node: AST_NodeId, node7: AST_NodeId) |
| 207 | + | .output Rule_Match_ruby_lang_eval_using_user_input_0 |
| 208 | + | Rule_Match_ruby_lang_eval_using_user_input_0(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "RubyVM"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "InstructionSequence"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "compile"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 209 | + | .decl Rule_Match_ruby_lang_eval_using_user_input_1(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 210 | + | .output Rule_Match_ruby_lang_eval_using_user_input_1 |
| 211 | + | Rule_Match_ruby_lang_eval_using_user_input_1(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 212 | + | .decl Rule_Match_ruby_lang_eval_using_user_input_2(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 213 | + | .output Rule_Match_ruby_lang_eval_using_user_input_2 |
| 214 | + | Rule_Match_ruby_lang_eval_using_user_input_2(node1, node2, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 215 | + | // rule ruby_rails_render_using_user_input_user_input |
| 216 | + | .decl Rule_Match_ruby_rails_render_using_user_input_user_input_0(node: AST_NodeId) |
| 217 | + | .output Rule_Match_ruby_rails_render_using_user_input_user_input_0 |
| 218 | + | Rule_Match_ruby_rails_render_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 219 | + | .decl Rule_Match_ruby_rails_render_using_user_input_user_input_1(node: AST_NodeId) |
| 220 | + | .output Rule_Match_ruby_rails_render_using_user_input_user_input_1 |
| 221 | + | Rule_Match_ruby_rails_render_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 222 | + | .decl Rule_Match_ruby_rails_render_using_user_input_user_input_2(node: AST_NodeId) |
| 223 | + | .output Rule_Match_ruby_rails_render_using_user_input_user_input_2 |
| 224 | + | Rule_Match_ruby_rails_render_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 225 | + | // rule ruby_rails_insecure_disabling_of_callback |
| 226 | + | .decl Rule_Match_ruby_rails_insecure_disabling_of_callback_0(node: AST_NodeId, node2: AST_NodeId) |
| 227 | + | .output Rule_Match_ruby_rails_insecure_disabling_of_callback_0 |
| 228 | + | Rule_Match_ruby_rails_insecure_disabling_of_callback_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), !AST_NodeField(node1, _, "receiver"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar1"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar1")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
| 229 | + | // rule ruby_rails_http_verb_confusion |
| 230 | + | .decl Rule_Match_ruby_rails_http_verb_confusion_0(node: AST_NodeId) |
| 231 | + | .output Rule_Match_ruby_rails_http_verb_confusion_0 |
| 232 | + | Rule_Match_ruby_rails_http_verb_confusion_0(node1) :- AST_NodeType(node1, "if"), !AST_NodeField(node1, _, "consequence"), AST_NodeField(node1, node2, "condition"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "request"), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "get?"), AST_NodeField(node1, node5, "alternative"), AST_NodeType(node5, "else"). |
| 233 | + | .decl Rule_Match_ruby_rails_http_verb_confusion_1(node: AST_NodeId) |
| 234 | + | .output Rule_Match_ruby_rails_http_verb_confusion_1 |
| 235 | + | Rule_Match_ruby_rails_http_verb_confusion_1(node1) :- AST_NodeType(node1, "unless"), !AST_NodeField(node1, _, "consequence"), !AST_NodeField(node1, _, "alternative"), AST_NodeField(node1, node2, "condition"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "request"), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "get?"). |
| 236 | + | .decl Rule_Match_ruby_rails_http_verb_confusion_2(node: AST_NodeId) |
| 237 | + | .output Rule_Match_ruby_rails_http_verb_confusion_2 |
| 238 | + | Rule_Match_ruby_rails_http_verb_confusion_2(node1) :- AST_NodeType(node1, "unless_modifier"), AST_NodeField(node1, node2, "body"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "condition"), AST_NodeType(node3, "call"), !AST_NodeField(node3, _, "block"), (!AST_NodeField(node3, _, "arguments"); AST_NodeField(node3, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node3, node4, "receiver"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "request"), AST_NodeField(node3, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "get?"). |
| 239 | + | // rule ruby_third_parties_rollbar |
| 240 | + | .decl Rule_Match_ruby_third_parties_rollbar_0(node: AST_NodeId, node5: AST_NodeId) |
| 241 | + | .output Rule_Match_ruby_third_parties_rollbar_0 |
| 242 | + | Rule_Match_ruby_third_parties_rollbar_0(node1, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "rollbar_context"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
| 243 | + | .decl Rule_Match_ruby_third_parties_rollbar_1(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 244 | + | .output Rule_Match_ruby_third_parties_rollbar_1 |
| 245 | + | Rule_Match_ruby_third_parties_rollbar_1(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rollbar"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 246 | + | .decl Rule_Match_ruby_third_parties_rollbar_2(node: AST_NodeId, node6: AST_NodeId) |
| 247 | + | .output Rule_Match_ruby_third_parties_rollbar_2 |
| 248 | + | Rule_Match_ruby_third_parties_rollbar_2(node1, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rollbar"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "log"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _), AST_ParentChild(node4, 1, node6), AST_NodeType(node6, _). |
| 249 | + | .decl Rule_Match_ruby_third_parties_rollbar_3(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 250 | + | .output Rule_Match_ruby_third_parties_rollbar_3 |
| 251 | + | Rule_Match_ruby_third_parties_rollbar_3(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "scope"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 252 | + | .decl Rule_Match_ruby_third_parties_rollbar_4(node: AST_NodeId, node5: AST_NodeId) |
| 253 | + | .output Rule_Match_ruby_third_parties_rollbar_4 |
| 254 | + | Rule_Match_ruby_third_parties_rollbar_4(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rollbar"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "scoped"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
98 | 255 | | // rule ruby_lang_exec_using_user_input_user_input |
99 | 256 | | .decl Rule_Match_ruby_lang_exec_using_user_input_user_input_0(node: AST_NodeId) |
100 | 257 | | .output Rule_Match_ruby_lang_exec_using_user_input_user_input_0 |
| skipped 7 lines |
108 | 265 | | .decl Rule_Match_ruby_lang_exec_using_user_input_user_input_3(node: AST_NodeId) |
109 | 266 | | .output Rule_Match_ruby_lang_exec_using_user_input_user_input_3 |
110 | 267 | | Rule_Match_ruby_lang_exec_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
111 | | - | // rule ruby_lang_deserialization_of_user_input_sanitized_user_input |
112 | | - | .decl Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_0(node: AST_NodeId) |
113 | | - | .output Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_0 |
114 | | - | Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "JSON"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "parse"). |
115 | | - | .decl Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_1(node: AST_NodeId) |
116 | | - | .output Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_1 |
117 | | - | Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), !AST_NodeField(node1, _, "receiver"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Nokogiri"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "XML"). |
118 | | - | // rule ruby_lang_path_using_user_input_user_input |
119 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_user_input_0(node: AST_NodeId) |
120 | | - | .output Rule_Match_ruby_lang_path_using_user_input_user_input_0 |
121 | | - | Rule_Match_ruby_lang_path_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
122 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_user_input_1(node: AST_NodeId) |
123 | | - | .output Rule_Match_ruby_lang_path_using_user_input_user_input_1 |
124 | | - | Rule_Match_ruby_lang_path_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
125 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_user_input_2(node: AST_NodeId) |
126 | | - | .output Rule_Match_ruby_lang_path_using_user_input_user_input_2 |
127 | | - | Rule_Match_ruby_lang_path_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
128 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_user_input_3(node: AST_NodeId) |
129 | | - | .output Rule_Match_ruby_lang_path_using_user_input_user_input_3 |
130 | | - | Rule_Match_ruby_lang_path_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
131 | | - | // rule segment_init |
132 | | - | .decl Rule_Match_segment_init_0(node: AST_NodeId) |
133 | | - | .output Rule_Match_segment_init_0 |
134 | | - | Rule_Match_segment_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Segment"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Analytics"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
135 | | - | // rule ruby_lang_eval_using_user_input_user_input |
136 | | - | .decl Rule_Match_ruby_lang_eval_using_user_input_user_input_0(node: AST_NodeId) |
137 | | - | .output Rule_Match_ruby_lang_eval_using_user_input_user_input_0 |
138 | | - | Rule_Match_ruby_lang_eval_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
139 | | - | .decl Rule_Match_ruby_lang_eval_using_user_input_user_input_1(node: AST_NodeId) |
140 | | - | .output Rule_Match_ruby_lang_eval_using_user_input_user_input_1 |
141 | | - | Rule_Match_ruby_lang_eval_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
142 | | - | .decl Rule_Match_ruby_lang_eval_using_user_input_user_input_2(node: AST_NodeId) |
143 | | - | .output Rule_Match_ruby_lang_eval_using_user_input_user_input_2 |
144 | | - | Rule_Match_ruby_lang_eval_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
145 | | - | .decl Rule_Match_ruby_lang_eval_using_user_input_user_input_3(node: AST_NodeId) |
146 | | - | .output Rule_Match_ruby_lang_eval_using_user_input_user_input_3 |
147 | | - | Rule_Match_ruby_lang_eval_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
148 | | - | // rule ruby_lang_path_using_user_input_shell_cmd_trans_user_input |
149 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_shell_cmd_trans_user_input_0(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
150 | | - | .output Rule_Match_ruby_lang_path_using_user_input_shell_cmd_trans_user_input_0 |
151 | | - | Rule_Match_ruby_lang_path_using_user_input_shell_cmd_trans_user_input_0(node1, node2, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
152 | | - | // rule ruby_rails_insecure_http_password |
153 | | - | // rule ruby_lang_cookies |
154 | | - | .decl Rule_Match_ruby_lang_cookies_0(node: AST_NodeId, node5: AST_NodeId) |
155 | | - | .output Rule_Match_ruby_lang_cookies_0 |
156 | | - | Rule_Match_ruby_lang_cookies_0(node1, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "element_reference"), AST_NodeField(node2, node3, "object"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "cookies"), AST_ParentChild(node2, 0, node4), AST_NodeType(node4, _), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
157 | | - | .decl Rule_Match_ruby_lang_cookies_1(node: AST_NodeId, node5: AST_NodeId, node7: AST_NodeId) |
158 | | - | .output Rule_Match_ruby_lang_cookies_1 |
159 | | - | Rule_Match_ruby_lang_cookies_1(node1, node5, node7) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "element_reference"), AST_NodeField(node2, node3, "object"), AST_NodeType(node3, "call"), !AST_NodeField(node3, _, "block"), (!AST_NodeField(node3, _, "arguments"); AST_NodeField(node3, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node3, node4, "receiver"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "cookies"), AST_NodeField(node3, node5, "method"), AST_NodeType(node5, _), AST_ParentChild(node2, 0, node6), AST_NodeType(node6, _), AST_NodeField(node1, node7, "right"), AST_NodeType(node7, _). |
160 | | - | // rule ruby_third_parties_new_relic |
161 | | - | .decl Rule_Match_ruby_third_parties_new_relic_0(node: AST_NodeId, node7: AST_NodeId) |
162 | | - | .output Rule_Match_ruby_third_parties_new_relic_0 |
163 | | - | Rule_Match_ruby_third_parties_new_relic_0(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "NewRelic"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Agent"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "add_custom_attributes"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
164 | | - | .decl Rule_Match_ruby_third_parties_new_relic_1(node: AST_NodeId, node7: AST_NodeId) |
165 | | - | .output Rule_Match_ruby_third_parties_new_relic_1 |
166 | | - | Rule_Match_ruby_third_parties_new_relic_1(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "NewRelic"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Agent"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "add_custom_parameters"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
167 | | - | .decl Rule_Match_ruby_third_parties_new_relic_2(node: AST_NodeId, node7: AST_NodeId) |
168 | | - | .output Rule_Match_ruby_third_parties_new_relic_2 |
169 | | - | Rule_Match_ruby_third_parties_new_relic_2(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "NewRelic"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Agent"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "notice_error"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
170 | | - | // rule google_dataflow_snapshots_client_init |
171 | | - | .decl Rule_Match_google_dataflow_snapshots_client_init_1(node: AST_NodeId) |
172 | | - | .output Rule_Match_google_dataflow_snapshots_client_init_1 |
173 | | - | Rule_Match_google_dataflow_snapshots_client_init_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Dataflow"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "snapshots"). |
174 | | - | // rule ruby_rails_default_encryption |
175 | | - | .decl Rule_Match_ruby_rails_default_encryption_0(node: AST_NodeId, node6: AST_NodeId) |
176 | | - | .output Rule_Match_ruby_rails_default_encryption_0 |
177 | | - | Rule_Match_ruby_rails_default_encryption_0(node1, node6) :- AST_NodeType(node1, "class"), !AST_NodeField(node1, _, "superclass"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, "call"), !AST_NodeField(node3, _, "receiver"), !AST_NodeField(node3, _, "block"), AST_NodeField(node3, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "encrypts"), AST_NodeField(node3, node5, "arguments"), AST_NodeType(node5, "argument_list"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
178 | | - | // rule ruby_lang_file_generation |
179 | | - | .decl Rule_Match_ruby_lang_file_generation_0(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
180 | | - | .output Rule_Match_ruby_lang_file_generation_0 |
181 | | - | Rule_Match_ruby_lang_file_generation_0(node1, node2, node4) :- AST_NodeType(node1, "binary"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "operator"), AST_NodeType(node3, "<<"), AST_NodeField(node1, node4, "right"), AST_NodeType(node4, _). |
182 | | - | .decl Rule_Match_ruby_lang_file_generation_1(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
183 | | - | .output Rule_Match_ruby_lang_file_generation_1 |
184 | | - | Rule_Match_ruby_lang_file_generation_1(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
185 | | - | // rule ruby_lang_weak_encryption_with_data_openssl_rsa_init |
186 | | - | .decl Rule_Match_ruby_lang_weak_encryption_with_data_openssl_rsa_init_0(node: AST_NodeId) |
187 | | - | .output Rule_Match_ruby_lang_weak_encryption_with_data_openssl_rsa_init_0 |
188 | | - | Rule_Match_ruby_lang_weak_encryption_with_data_openssl_rsa_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "OpenSSL"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "PKey"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "RSA"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
189 | | - | // rule ruby_lang_http_url_using_user_input_user_input |
190 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_user_input_0(node: AST_NodeId) |
191 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_user_input_0 |
192 | | - | Rule_Match_ruby_lang_http_url_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
193 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_user_input_1(node: AST_NodeId) |
194 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_user_input_1 |
195 | | - | Rule_Match_ruby_lang_http_url_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
196 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_user_input_2(node: AST_NodeId) |
197 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_user_input_2 |
198 | | - | Rule_Match_ruby_lang_http_url_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
199 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_user_input_3(node: AST_NodeId) |
200 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_user_input_3 |
201 | | - | Rule_Match_ruby_lang_http_url_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
| 268 | + | // rule ruby_third_parties_algolia_client |
| 269 | + | .decl Rule_Match_ruby_third_parties_algolia_client_0(node: AST_NodeId) |
| 270 | + | .output Rule_Match_ruby_third_parties_algolia_client_0 |
| 271 | + | Rule_Match_ruby_third_parties_algolia_client_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Algolia"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Search"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Client"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "create"). |
202 | 272 | | // rule ruby_third_parties_sentry |
203 | 273 | | .decl Rule_Match_ruby_third_parties_sentry_0(node: AST_NodeId, node7: AST_NodeId) |
204 | 274 | | .output Rule_Match_ruby_third_parties_sentry_0 |
| skipped 13 lines |
218 | 288 | | .decl Rule_Match_ruby_third_parties_sentry_16(node: AST_NodeId, node5: AST_NodeId) |
219 | 289 | | .output Rule_Match_ruby_third_parties_sentry_16 |
220 | 290 | | Rule_Match_ruby_third_parties_sentry_16(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Sentry"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "set_user"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
221 | | - | // rule ruby_rails_http_verb_confusion |
222 | | - | .decl Rule_Match_ruby_rails_http_verb_confusion_0(node: AST_NodeId) |
223 | | - | .output Rule_Match_ruby_rails_http_verb_confusion_0 |
224 | | - | Rule_Match_ruby_rails_http_verb_confusion_0(node1) :- AST_NodeType(node1, "if"), !AST_NodeField(node1, _, "consequence"), AST_NodeField(node1, node2, "condition"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "request"), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "get?"), AST_NodeField(node1, node5, "alternative"), AST_NodeType(node5, "else"). |
225 | | - | .decl Rule_Match_ruby_rails_http_verb_confusion_1(node: AST_NodeId) |
226 | | - | .output Rule_Match_ruby_rails_http_verb_confusion_1 |
227 | | - | Rule_Match_ruby_rails_http_verb_confusion_1(node1) :- AST_NodeType(node1, "unless"), !AST_NodeField(node1, _, "consequence"), !AST_NodeField(node1, _, "alternative"), AST_NodeField(node1, node2, "condition"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "request"), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "get?"). |
228 | | - | .decl Rule_Match_ruby_rails_http_verb_confusion_2(node: AST_NodeId) |
229 | | - | .output Rule_Match_ruby_rails_http_verb_confusion_2 |
230 | | - | Rule_Match_ruby_rails_http_verb_confusion_2(node1) :- AST_NodeType(node1, "unless_modifier"), AST_NodeField(node1, node2, "body"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "condition"), AST_NodeType(node3, "call"), !AST_NodeField(node3, _, "block"), (!AST_NodeField(node3, _, "arguments"); AST_NodeField(node3, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node3, node4, "receiver"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "request"), AST_NodeField(node3, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "get?"). |
231 | | - | // rule ruby_rails_redirect_to_user_input |
232 | | - | .decl Rule_Match_ruby_rails_redirect_to_user_input_0(node: AST_NodeId) |
233 | | - | .output Rule_Match_ruby_rails_redirect_to_user_input_0 |
234 | | - | Rule_Match_ruby_rails_redirect_to_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
235 | | - | .decl Rule_Match_ruby_rails_redirect_to_user_input_1(node: AST_NodeId) |
236 | | - | .output Rule_Match_ruby_rails_redirect_to_user_input_1 |
237 | | - | Rule_Match_ruby_rails_redirect_to_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
238 | | - | .decl Rule_Match_ruby_rails_redirect_to_user_input_2(node: AST_NodeId) |
239 | | - | .output Rule_Match_ruby_rails_redirect_to_user_input_2 |
240 | | - | Rule_Match_ruby_rails_redirect_to_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
241 | | - | // rule ruby_lang_http_url_using_user_input_net_http |
242 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_net_http_0(node: AST_NodeId, node1: AST_NodeId) |
243 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_net_http_0 |
244 | | - | Rule_Match_ruby_lang_http_url_using_user_input_net_http_0(node1, node1) :- AST_NodeType(node1, _). |
245 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_net_http_1(node: AST_NodeId, node2: AST_NodeId) |
246 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_net_http_1 |
247 | | - | Rule_Match_ruby_lang_http_url_using_user_input_net_http_1(node1, node2) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "start"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "block"), AST_NodeField(node4, node5, "parameters"), AST_NodeType(node5, "block_parameters"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
248 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_net_http_2(node: AST_NodeId, node2: AST_NodeId) |
249 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_net_http_2 |
250 | | - | Rule_Match_ruby_lang_http_url_using_user_input_net_http_2(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "start"). |
251 | | - | // rule ruby_lang_ftp_using_user_input_ftp |
252 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_ftp_0(node: AST_NodeId) |
253 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_ftp_0 |
254 | | - | Rule_Match_ruby_lang_ftp_using_user_input_ftp_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
255 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_ftp_1(node: AST_NodeId) |
256 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_ftp_1 |
257 | | - | Rule_Match_ruby_lang_ftp_using_user_input_ftp_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"). |
258 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_ftp_2(node: AST_NodeId) |
259 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_ftp_2 |
260 | | - | Rule_Match_ruby_lang_ftp_using_user_input_ftp_2(node1) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"), AST_NodeField(node1, node6, "block"), AST_NodeType(node6, "block"), AST_NodeField(node6, node7, "parameters"), AST_NodeType(node7, "block_parameters"), AST_ParentChild(node7, 0, node8), AST_NodeType(node8, _). |
261 | | - | // rule ruby_rails_session |
262 | | - | .decl Rule_Match_ruby_rails_session_0(node: AST_NodeId, node5: AST_NodeId) |
263 | | - | .output Rule_Match_ruby_rails_session_0 |
264 | | - | Rule_Match_ruby_rails_session_0(node1, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "element_reference"), AST_NodeField(node2, node3, "object"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "session"), AST_ParentChild(node2, 0, node4), AST_NodeType(node4, _), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
265 | | - | // rule ruby_third_parties_airbrake |
266 | | - | .decl Rule_Match_ruby_third_parties_airbrake_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
267 | | - | .output Rule_Match_ruby_third_parties_airbrake_0 |
268 | | - | Rule_Match_ruby_third_parties_airbrake_0(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Airbrake"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
269 | | - | .decl Rule_Match_ruby_third_parties_airbrake_2(node: AST_NodeId, node5: AST_NodeId) |
270 | | - | .output Rule_Match_ruby_third_parties_airbrake_2 |
271 | | - | Rule_Match_ruby_third_parties_airbrake_2(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Airbrake"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "merge_context"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
272 | | - | .decl Rule_Match_ruby_third_parties_airbrake_3(node: AST_NodeId, node3: AST_NodeId) |
273 | | - | .output Rule_Match_ruby_third_parties_airbrake_3 |
274 | | - | Rule_Match_ruby_third_parties_airbrake_3(node1, node3) :- AST_NodeType(node1, "method"), !AST_NodeField(node1, _, "parameters"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "to_airbrake"), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _). |
275 | | - | // rule openssl_rsa_init |
276 | | - | // rule google_dataflow_message_text_classes |
277 | | - | // rule ruby_rails_insecure_smtp |
278 | | - | // rule ruby_lang_deserialization_of_user_input |
279 | | - | .decl Rule_Match_ruby_lang_deserialization_of_user_input_0(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
280 | | - | .output Rule_Match_ruby_lang_deserialization_of_user_input_0 |
281 | | - | Rule_Match_ruby_lang_deserialization_of_user_input_0(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "load"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
282 | | - | .decl Rule_Match_ruby_lang_deserialization_of_user_input_1(node: AST_NodeId, node5: AST_NodeId) |
283 | | - | .output Rule_Match_ruby_lang_deserialization_of_user_input_1 |
284 | | - | Rule_Match_ruby_lang_deserialization_of_user_input_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Marshal"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "restore"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
285 | | - | .decl Rule_Match_ruby_lang_deserialization_of_user_input_2(node: AST_NodeId, node5: AST_NodeId) |
286 | | - | .output Rule_Match_ruby_lang_deserialization_of_user_input_2 |
287 | | - | Rule_Match_ruby_lang_deserialization_of_user_input_2(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Oj"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "object_load"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
288 | | - | // rule ruby_third_parties_google_analytics |
289 | | - | // rule ruby_third_parties_bigquery_dataset |
290 | | - | .decl Rule_Match_ruby_third_parties_bigquery_dataset_0(node: AST_NodeId, node2: AST_NodeId) |
291 | | - | .output Rule_Match_ruby_third_parties_bigquery_dataset_0 |
292 | | - | Rule_Match_ruby_third_parties_bigquery_dataset_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "dataset"). |
293 | | - | // rule ruby_lang_hardcoded_secret |
294 | | - | .decl Rule_Match_ruby_lang_hardcoded_secret_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId) |
295 | | - | .output Rule_Match_ruby_lang_hardcoded_secret_0 |
296 | | - | Rule_Match_ruby_lang_hardcoded_secret_0(node1, node2, node3) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "right"), AST_NodeType(node3, _). |
297 | | - | .decl Rule_Match_ruby_lang_hardcoded_secret_1(node: AST_NodeId, node5: AST_NodeId) |
298 | | - | .output Rule_Match_ruby_lang_hardcoded_secret_1 |
299 | | - | Rule_Match_ruby_lang_hardcoded_secret_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar1"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar1")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
300 | | - | .decl Rule_Match_ruby_lang_hardcoded_secret_2(node: AST_NodeId, node5: AST_NodeId, node6: AST_NodeId) |
301 | | - | .output Rule_Match_ruby_lang_hardcoded_secret_2 |
302 | | - | Rule_Match_ruby_lang_hardcoded_secret_2(node1, node5, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, node5, "key"), AST_NodeType(node5, _), AST_NodeField(node4, node6, "value"), AST_NodeType(node6, _). |
303 | | - | .decl Rule_Match_ruby_lang_hardcoded_secret_3(node: AST_NodeId, node3: AST_NodeId) |
304 | | - | .output Rule_Match_ruby_lang_hardcoded_secret_3 |
305 | | - | Rule_Match_ruby_lang_hardcoded_secret_3(node1, node3) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar0"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar0")), AST_NodeField(node2, node3, "value"), AST_NodeType(node3, _). |
306 | | - | .decl Rule_Match_ruby_lang_hardcoded_secret_4(node: AST_NodeId, node3: AST_NodeId, node4: AST_NodeId) |
307 | | - | .output Rule_Match_ruby_lang_hardcoded_secret_4 |
308 | | - | Rule_Match_ruby_lang_hardcoded_secret_4(node1, node3, node4) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, node3, "key"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "value"), AST_NodeType(node4, _). |
309 | | - | // rule ruby_lang_ftp_using_user_input_user_input |
310 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_user_input_0(node: AST_NodeId) |
311 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_user_input_0 |
312 | | - | Rule_Match_ruby_lang_ftp_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
313 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_user_input_1(node: AST_NodeId) |
314 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_user_input_1 |
315 | | - | Rule_Match_ruby_lang_ftp_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
316 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_user_input_2(node: AST_NodeId) |
317 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_user_input_2 |
318 | | - | Rule_Match_ruby_lang_ftp_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
319 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_user_input_3(node: AST_NodeId) |
320 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_user_input_3 |
321 | | - | Rule_Match_ruby_lang_ftp_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
322 | | - | // rule ruby_rails_render_using_user_input |
323 | | - | .decl Rule_Match_ruby_rails_render_using_user_input_0(node: AST_NodeId, node5: AST_NodeId) |
324 | | - | .output Rule_Match_ruby_rails_render_using_user_input_0 |
325 | | - | Rule_Match_ruby_rails_render_using_user_input_0(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "render"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":inline"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "inline")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
326 | | - | .decl Rule_Match_ruby_rails_render_using_user_input_1(node: AST_NodeId, node5: AST_NodeId) |
327 | | - | .output Rule_Match_ruby_rails_render_using_user_input_1 |
328 | | - | Rule_Match_ruby_rails_render_using_user_input_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "render"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":html"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "html")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
| 291 | + | // rule ruby_lang_deserialization_of_user_input_user_input |
| 292 | + | .decl Rule_Match_ruby_lang_deserialization_of_user_input_user_input_0(node: AST_NodeId) |
| 293 | + | .output Rule_Match_ruby_lang_deserialization_of_user_input_user_input_0 |
| 294 | + | Rule_Match_ruby_lang_deserialization_of_user_input_user_input_0(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
| 295 | + | .decl Rule_Match_ruby_lang_deserialization_of_user_input_user_input_1(node: AST_NodeId, node1: AST_NodeId) |
| 296 | + | .output Rule_Match_ruby_lang_deserialization_of_user_input_user_input_1 |
| 297 | + | Rule_Match_ruby_lang_deserialization_of_user_input_user_input_1(node1, node1) :- AST_NodeType(node1, _). |
| 298 | + | // rule ruby_rails_password_length |
329 | 299 | | // rule ruby_lang_http_insecure |
330 | 300 | | .decl Rule_Match_ruby_lang_http_insecure_0(node: AST_NodeId, node5: AST_NodeId, node7: AST_NodeId) |
331 | 301 | | .output Rule_Match_ruby_lang_http_insecure_0 |
| skipped 31 lines |
363 | 333 | | .decl Rule_Match_ruby_lang_http_insecure_12(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
364 | 334 | | .output Rule_Match_ruby_lang_http_insecure_12 |
365 | 335 | | Rule_Match_ruby_lang_http_insecure_12(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "post"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
366 | | - | // rule ruby_third_parties_rollbar_scope |
367 | | - | .decl Rule_Match_ruby_third_parties_rollbar_scope_0(node: AST_NodeId) |
368 | | - | .output Rule_Match_ruby_third_parties_rollbar_scope_0 |
369 | | - | Rule_Match_ruby_third_parties_rollbar_scope_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rollbar"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "scope"). |
| 336 | + | // rule ruby_third_parties_clickhouse |
| 337 | + | .decl Rule_Match_ruby_third_parties_clickhouse_0(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 338 | + | .output Rule_Match_ruby_third_parties_clickhouse_0 |
| 339 | + | Rule_Match_ruby_third_parties_clickhouse_0(node1, node2, node4) :- AST_NodeType(node1, "binary"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "operator"), AST_NodeType(node3, "<<"), AST_NodeField(node1, node4, "right"), AST_NodeType(node4, _). |
| 340 | + | // rule ruby_lang_exec_using_user_input_shell |
| 341 | + | .decl Rule_Match_ruby_lang_exec_using_user_input_shell_0(node: AST_NodeId) |
| 342 | + | .output Rule_Match_ruby_lang_exec_using_user_input_shell_0 |
| 343 | + | Rule_Match_ruby_lang_exec_using_user_input_shell_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Shell"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"). |
| 344 | + | // rule ruby_rails_permissive_regex_validation |
| 345 | + | .decl Rule_Match_ruby_rails_permissive_regex_validation_0(node: AST_NodeId, node7: AST_NodeId) |
| 346 | + | .output Rule_Match_ruby_rails_permissive_regex_validation_0 |
| 347 | + | Rule_Match_ruby_rails_permissive_regex_validation_0(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "validates"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":format"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "format")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, "hash"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, "pair"), AST_NodeField(node6, tmp1, "key"), (AST_NodeType(tmp1, "simple_symbol"), AST_NodeContent(tmp1, ":with"); AST_NodeType(tmp1, "hash_key_symbol"), AST_NodeContent(tmp1, "with")), AST_NodeField(node6, node7, "value"), AST_NodeType(node7, _). |
| 348 | + | .decl Rule_Match_ruby_rails_permissive_regex_validation_1(node: AST_NodeId, node5: AST_NodeId) |
| 349 | + | .output Rule_Match_ruby_rails_permissive_regex_validation_1 |
| 350 | + | Rule_Match_ruby_rails_permissive_regex_validation_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "validates_format_of"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":with"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "with")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
| 351 | + | // rule ruby_lang_path_using_user_input_shell_cmd_trans_user_input |
| 352 | + | .decl Rule_Match_ruby_lang_path_using_user_input_shell_cmd_trans_user_input_0(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 353 | + | .output Rule_Match_ruby_lang_path_using_user_input_shell_cmd_trans_user_input_0 |
| 354 | + | Rule_Match_ruby_lang_path_using_user_input_shell_cmd_trans_user_input_0(node1, node2, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), !AST_NodeField(node1, _, "receiver"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 355 | + | // rule ruby_lang_reflection_using_user_input_user_input |
| 356 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_user_input_0(node: AST_NodeId) |
| 357 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_user_input_0 |
| 358 | + | Rule_Match_ruby_lang_reflection_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 359 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_user_input_1(node: AST_NodeId) |
| 360 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_user_input_1 |
| 361 | + | Rule_Match_ruby_lang_reflection_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 362 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_user_input_2(node: AST_NodeId) |
| 363 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_user_input_2 |
| 364 | + | Rule_Match_ruby_lang_reflection_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 365 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_user_input_3(node: AST_NodeId) |
| 366 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_user_input_3 |
| 367 | + | Rule_Match_ruby_lang_reflection_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
| 368 | + | // rule google_dataflow_message_text_classes |
| 369 | + | // rule ruby_rails_default_encryption |
| 370 | + | .decl Rule_Match_ruby_rails_default_encryption_0(node: AST_NodeId, node6: AST_NodeId) |
| 371 | + | .output Rule_Match_ruby_rails_default_encryption_0 |
| 372 | + | Rule_Match_ruby_rails_default_encryption_0(node1, node6) :- AST_NodeType(node1, "class"), !AST_NodeField(node1, _, "superclass"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, "call"), !AST_NodeField(node3, _, "block"), !AST_NodeField(node3, _, "receiver"), AST_NodeField(node3, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "encrypts"), AST_NodeField(node3, node5, "arguments"), AST_NodeType(node5, "argument_list"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
| 373 | + | // rule ruby_lang_hardcoded_secret |
| 374 | + | .decl Rule_Match_ruby_lang_hardcoded_secret_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId) |
| 375 | + | .output Rule_Match_ruby_lang_hardcoded_secret_0 |
| 376 | + | Rule_Match_ruby_lang_hardcoded_secret_0(node1, node2, node3) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "right"), AST_NodeType(node3, _). |
| 377 | + | .decl Rule_Match_ruby_lang_hardcoded_secret_1(node: AST_NodeId, node5: AST_NodeId) |
| 378 | + | .output Rule_Match_ruby_lang_hardcoded_secret_1 |
| 379 | + | Rule_Match_ruby_lang_hardcoded_secret_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar1"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar1")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
| 380 | + | .decl Rule_Match_ruby_lang_hardcoded_secret_2(node: AST_NodeId, node5: AST_NodeId, node6: AST_NodeId) |
| 381 | + | .output Rule_Match_ruby_lang_hardcoded_secret_2 |
| 382 | + | Rule_Match_ruby_lang_hardcoded_secret_2(node1, node5, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, node5, "key"), AST_NodeType(node5, _), AST_NodeField(node4, node6, "value"), AST_NodeType(node6, _). |
| 383 | + | .decl Rule_Match_ruby_lang_hardcoded_secret_3(node: AST_NodeId, node3: AST_NodeId) |
| 384 | + | .output Rule_Match_ruby_lang_hardcoded_secret_3 |
| 385 | + | Rule_Match_ruby_lang_hardcoded_secret_3(node1, node3) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar0"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar0")), AST_NodeField(node2, node3, "value"), AST_NodeType(node3, _). |
| 386 | + | .decl Rule_Match_ruby_lang_hardcoded_secret_4(node: AST_NodeId, node3: AST_NodeId, node4: AST_NodeId) |
| 387 | + | .output Rule_Match_ruby_lang_hardcoded_secret_4 |
| 388 | + | Rule_Match_ruby_lang_hardcoded_secret_4(node1, node3, node4) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, node3, "key"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "value"), AST_NodeType(node4, _). |
| 389 | + | // rule ruby_rails_render_using_user_input |
| 390 | + | .decl Rule_Match_ruby_rails_render_using_user_input_0(node: AST_NodeId, node5: AST_NodeId) |
| 391 | + | .output Rule_Match_ruby_rails_render_using_user_input_0 |
| 392 | + | Rule_Match_ruby_rails_render_using_user_input_0(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "render"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":inline"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "inline")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
| 393 | + | .decl Rule_Match_ruby_rails_render_using_user_input_1(node: AST_NodeId, node5: AST_NodeId) |
| 394 | + | .output Rule_Match_ruby_rails_render_using_user_input_1 |
| 395 | + | Rule_Match_ruby_rails_render_using_user_input_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "render"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":html"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "html")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
| 396 | + | // rule ruby_lang_file_generation |
| 397 | + | .decl Rule_Match_ruby_lang_file_generation_0(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 398 | + | .output Rule_Match_ruby_lang_file_generation_0 |
| 399 | + | Rule_Match_ruby_lang_file_generation_0(node1, node2, node4) :- AST_NodeType(node1, "binary"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "operator"), AST_NodeType(node3, "<<"), AST_NodeField(node1, node4, "right"), AST_NodeType(node4, _). |
| 400 | + | .decl Rule_Match_ruby_lang_file_generation_1(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 401 | + | .output Rule_Match_ruby_lang_file_generation_1 |
| 402 | + | Rule_Match_ruby_lang_file_generation_1(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 403 | + | // rule ruby_lang_exception |
| 404 | + | .decl Rule_Match_ruby_lang_exception_0(node: AST_NodeId, node4: AST_NodeId) |
| 405 | + | .output Rule_Match_ruby_lang_exception_0 |
| 406 | + | Rule_Match_ruby_lang_exception_0(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "raise"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 407 | + | // rule google_dataflow_config |
| 408 | + | .decl Rule_Match_google_dataflow_config_0(node: AST_NodeId, node2: AST_NodeId) |
| 409 | + | .output Rule_Match_google_dataflow_config_0 |
| 410 | + | Rule_Match_google_dataflow_config_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "configure"). |
| 411 | + | .decl Rule_Match_google_dataflow_config_1(node: AST_NodeId, node2: AST_NodeId) |
| 412 | + | .output Rule_Match_google_dataflow_config_1 |
| 413 | + | Rule_Match_google_dataflow_config_1(node1, node2) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "configure"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "block"), AST_NodeField(node4, node5, "parameters"), AST_NodeType(node5, "block_parameters"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
| 414 | + | // rule ruby_lang_http_url_using_user_input_net_http |
| 415 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_net_http_0(node: AST_NodeId, node1: AST_NodeId) |
| 416 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_net_http_0 |
| 417 | + | Rule_Match_ruby_lang_http_url_using_user_input_net_http_0(node1, node1) :- AST_NodeType(node1, _). |
| 418 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_net_http_1(node: AST_NodeId, node2: AST_NodeId) |
| 419 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_net_http_1 |
| 420 | + | Rule_Match_ruby_lang_http_url_using_user_input_net_http_1(node1, node2) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "start"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "block"), AST_NodeField(node4, node5, "parameters"), AST_NodeType(node5, "block_parameters"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
| 421 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_net_http_2(node: AST_NodeId, node2: AST_NodeId) |
| 422 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_net_http_2 |
| 423 | + | Rule_Match_ruby_lang_http_url_using_user_input_net_http_2(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "start"). |
| 424 | + | // rule ruby_lang_regex_using_user_input_user_input |
| 425 | + | .decl Rule_Match_ruby_lang_regex_using_user_input_user_input_0(node: AST_NodeId) |
| 426 | + | .output Rule_Match_ruby_lang_regex_using_user_input_user_input_0 |
| 427 | + | Rule_Match_ruby_lang_regex_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 428 | + | .decl Rule_Match_ruby_lang_regex_using_user_input_user_input_1(node: AST_NodeId) |
| 429 | + | .output Rule_Match_ruby_lang_regex_using_user_input_user_input_1 |
| 430 | + | Rule_Match_ruby_lang_regex_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 431 | + | .decl Rule_Match_ruby_lang_regex_using_user_input_user_input_2(node: AST_NodeId) |
| 432 | + | .output Rule_Match_ruby_lang_regex_using_user_input_user_input_2 |
| 433 | + | Rule_Match_ruby_lang_regex_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 434 | + | .decl Rule_Match_ruby_lang_regex_using_user_input_user_input_3(node: AST_NodeId) |
| 435 | + | .output Rule_Match_ruby_lang_regex_using_user_input_user_input_3 |
| 436 | + | Rule_Match_ruby_lang_regex_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
| 437 | + | // rule ruby_third_parties_new_relic |
| 438 | + | .decl Rule_Match_ruby_third_parties_new_relic_0(node: AST_NodeId, node7: AST_NodeId) |
| 439 | + | .output Rule_Match_ruby_third_parties_new_relic_0 |
| 440 | + | Rule_Match_ruby_third_parties_new_relic_0(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "NewRelic"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Agent"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "add_custom_attributes"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 441 | + | .decl Rule_Match_ruby_third_parties_new_relic_1(node: AST_NodeId, node7: AST_NodeId) |
| 442 | + | .output Rule_Match_ruby_third_parties_new_relic_1 |
| 443 | + | Rule_Match_ruby_third_parties_new_relic_1(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "NewRelic"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Agent"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "add_custom_parameters"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 444 | + | .decl Rule_Match_ruby_third_parties_new_relic_2(node: AST_NodeId, node7: AST_NodeId) |
| 445 | + | .output Rule_Match_ruby_third_parties_new_relic_2 |
| 446 | + | Rule_Match_ruby_third_parties_new_relic_2(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "NewRelic"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Agent"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "notice_error"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 447 | + | // rule ruby_lang_http_get_params |
| 448 | + | .decl Rule_Match_ruby_lang_http_get_params_0(node: AST_NodeId, node5: AST_NodeId) |
| 449 | + | .output Rule_Match_ruby_lang_http_get_params_0 |
| 450 | + | Rule_Match_ruby_lang_http_get_params_0(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "URI"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "encode_www_form"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 451 | + | .decl Rule_Match_ruby_lang_http_get_params_1(node: AST_NodeId, node4: AST_NodeId) |
| 452 | + | .output Rule_Match_ruby_lang_http_get_params_1 |
| 453 | + | Rule_Match_ruby_lang_http_get_params_1(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "URI"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 454 | + | .decl Rule_Match_ruby_lang_http_get_params_2(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 455 | + | .output Rule_Match_ruby_lang_http_get_params_2 |
| 456 | + | Rule_Match_ruby_lang_http_get_params_2(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "get"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 457 | + | // rule ruby_lang_ftp_using_user_input_ftp |
| 458 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_ftp_0(node: AST_NodeId) |
| 459 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_ftp_0 |
| 460 | + | Rule_Match_ruby_lang_ftp_using_user_input_ftp_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 461 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_ftp_1(node: AST_NodeId) |
| 462 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_ftp_1 |
| 463 | + | Rule_Match_ruby_lang_ftp_using_user_input_ftp_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"). |
| 464 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_ftp_2(node: AST_NodeId) |
| 465 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_ftp_2 |
| 466 | + | Rule_Match_ruby_lang_ftp_using_user_input_ftp_2(node1) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"), AST_NodeField(node1, node6, "block"), AST_NodeType(node6, "block"), AST_NodeField(node6, node7, "parameters"), AST_NodeType(node7, "block_parameters"), AST_ParentChild(node7, 0, node8), AST_NodeType(node8, _). |
| 467 | + | // rule ruby_lang_reflection_using_user_input |
| 468 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 469 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_0 |
| 470 | + | Rule_Match_ruby_lang_reflection_using_user_input_0(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 471 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_1(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 472 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_1 |
| 473 | + | Rule_Match_ruby_lang_reflection_using_user_input_1(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 474 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_2(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
| 475 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_2 |
| 476 | + | Rule_Match_ruby_lang_reflection_using_user_input_2(node1, node2, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 477 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_3(node: AST_NodeId, node2: AST_NodeId) |
| 478 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_3 |
| 479 | + | Rule_Match_ruby_lang_reflection_using_user_input_3(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "to_proc"). |
| 480 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_4(node: AST_NodeId, node5: AST_NodeId) |
| 481 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_4 |
| 482 | + | Rule_Match_ruby_lang_reflection_using_user_input_4(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "block_argument"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 483 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_5(node: AST_NodeId, node6: AST_NodeId) |
| 484 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_5 |
| 485 | + | Rule_Match_ruby_lang_reflection_using_user_input_5(node1, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, "block_argument"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
| 486 | + | .decl Rule_Match_ruby_lang_reflection_using_user_input_6(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId) |
| 487 | + | .output Rule_Match_ruby_lang_reflection_using_user_input_6 |
| 488 | + | Rule_Match_ruby_lang_reflection_using_user_input_6(node1, node2, node3) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _). |
| 489 | + | // rule ruby_third_parties_honeybadger |
| 490 | + | .decl Rule_Match_ruby_third_parties_honeybadger_0(node: AST_NodeId, node5: AST_NodeId) |
| 491 | + | .output Rule_Match_ruby_third_parties_honeybadger_0 |
| 492 | + | Rule_Match_ruby_third_parties_honeybadger_0(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Honeybadger"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "notify"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 493 | + | .decl Rule_Match_ruby_third_parties_honeybadger_1(node: AST_NodeId, node5: AST_NodeId) |
| 494 | + | .output Rule_Match_ruby_third_parties_honeybadger_1 |
| 495 | + | Rule_Match_ruby_third_parties_honeybadger_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Honeybadger"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "context"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 496 | + | .decl Rule_Match_ruby_third_parties_honeybadger_2(node: AST_NodeId, node3: AST_NodeId) |
| 497 | + | .output Rule_Match_ruby_third_parties_honeybadger_2 |
| 498 | + | Rule_Match_ruby_third_parties_honeybadger_2(node1, node3) :- AST_NodeType(node1, "method"), !AST_NodeField(node1, _, "parameters"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "to_honeybadger_context"), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _). |
| 499 | + | .decl Rule_Match_ruby_third_parties_honeybadger_3(node: AST_NodeId, node5: AST_NodeId) |
| 500 | + | .output Rule_Match_ruby_third_parties_honeybadger_3 |
| 501 | + | Rule_Match_ruby_third_parties_honeybadger_3(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Honeybadger"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "add_breadcrumb"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 502 | + | // rule openssl_rsa_init |
| 503 | + | // rule ruby_lang_cookies |
| 504 | + | .decl Rule_Match_ruby_lang_cookies_0(node: AST_NodeId, node5: AST_NodeId) |
| 505 | + | .output Rule_Match_ruby_lang_cookies_0 |
| 506 | + | Rule_Match_ruby_lang_cookies_0(node1, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "element_reference"), AST_NodeField(node2, node3, "object"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "cookies"), AST_ParentChild(node2, 0, node4), AST_NodeType(node4, _), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
| 507 | + | .decl Rule_Match_ruby_lang_cookies_1(node: AST_NodeId, node5: AST_NodeId, node7: AST_NodeId) |
| 508 | + | .output Rule_Match_ruby_lang_cookies_1 |
| 509 | + | Rule_Match_ruby_lang_cookies_1(node1, node5, node7) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "element_reference"), AST_NodeField(node2, node3, "object"), AST_NodeType(node3, "call"), !AST_NodeField(node3, _, "block"), (!AST_NodeField(node3, _, "arguments"); AST_NodeField(node3, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node3, node4, "receiver"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "cookies"), AST_NodeField(node3, node5, "method"), AST_NodeType(node5, _), AST_ParentChild(node2, 0, node6), AST_NodeType(node6, _), AST_NodeField(node1, node7, "right"), AST_NodeType(node7, _). |
| 510 | + | // rule ruby_rails_insecure_http_password |
| 511 | + | // rule ruby_lang_http_url_using_user_input_path_hash |
| 512 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_path_hash_0(node: AST_NodeId, node3: AST_NodeId) |
| 513 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_path_hash_0 |
| 514 | + | Rule_Match_ruby_lang_http_url_using_user_input_path_hash_0(node1, node3) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":path"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "path")), AST_NodeField(node2, node3, "value"), AST_NodeType(node3, _). |
| 515 | + | // rule ruby_lang_insecure_ftp |
| 516 | + | .decl Rule_Match_ruby_lang_insecure_ftp_0(node: AST_NodeId) |
| 517 | + | .output Rule_Match_ruby_lang_insecure_ftp_0 |
| 518 | + | Rule_Match_ruby_lang_insecure_ftp_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 519 | + | .decl Rule_Match_ruby_lang_insecure_ftp_1(node: AST_NodeId, node7: AST_NodeId) |
| 520 | + | .output Rule_Match_ruby_lang_insecure_ftp_1 |
| 521 | + | Rule_Match_ruby_lang_insecure_ftp_1(node1, node7) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"), AST_NodeField(node1, node6, "block"), AST_NodeType(node6, "do_block"), !AST_NodeField(node6, _, "parameters"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 522 | + | .decl Rule_Match_ruby_lang_insecure_ftp_2(node: AST_NodeId) |
| 523 | + | .output Rule_Match_ruby_lang_insecure_ftp_2 |
| 524 | + | Rule_Match_ruby_lang_insecure_ftp_2(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"). |
| 525 | + | // rule ruby_lang_logger |
| 526 | + | .decl Rule_Match_ruby_lang_logger_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 527 | + | .output Rule_Match_ruby_lang_logger_0 |
| 528 | + | Rule_Match_ruby_lang_logger_0(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "logger"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 529 | + | // rule ruby_rails_redirect_to |
| 530 | + | .decl Rule_Match_ruby_rails_redirect_to_0(node: AST_NodeId, node4: AST_NodeId) |
| 531 | + | .output Rule_Match_ruby_rails_redirect_to_0 |
| 532 | + | Rule_Match_ruby_rails_redirect_to_0(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "redirect_to"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 533 | + | // rule ruby_lang_weak_encryption_with_data_rc4_init |
| 534 | + | .decl Rule_Match_ruby_lang_weak_encryption_with_data_rc4_init_0(node: AST_NodeId) |
| 535 | + | .output Rule_Match_ruby_lang_weak_encryption_with_data_rc4_init_0 |
| 536 | + | Rule_Match_ruby_lang_weak_encryption_with_data_rc4_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "RC4"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"). |
| 537 | + | // rule ruby_third_parties_datadog_span |
| 538 | + | .decl Rule_Match_ruby_third_parties_datadog_span_1(node: AST_NodeId) |
| 539 | + | .output Rule_Match_ruby_third_parties_datadog_span_1 |
| 540 | + | Rule_Match_ruby_third_parties_datadog_span_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Datadog"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Tracing"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "active_span"). |
| 541 | + | .decl Rule_Match_ruby_third_parties_datadog_span_2(node: AST_NodeId, node8: AST_NodeId) |
| 542 | + | .output Rule_Match_ruby_third_parties_datadog_span_2 |
| 543 | + | Rule_Match_ruby_third_parties_datadog_span_2(node1, node8) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Datadog"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Tracing"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "trace"), AST_NodeField(node1, node6, "block"), AST_NodeType(node6, "block"), AST_NodeField(node6, node7, "parameters"), AST_NodeType(node7, "block_parameters"), AST_ParentChild(node7, 0, node8), AST_NodeType(node8, _). |
| 544 | + | // rule ruby_third_parties_bugsnag |
| 545 | + | .decl Rule_Match_ruby_third_parties_bugsnag_1(node: AST_NodeId, node5: AST_NodeId) |
| 546 | + | .output Rule_Match_ruby_third_parties_bugsnag_1 |
| 547 | + | Rule_Match_ruby_third_parties_bugsnag_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Bugsnag"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "leave_breadcrumb"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 548 | + | .decl Rule_Match_ruby_third_parties_bugsnag_2(node: AST_NodeId, node5: AST_NodeId) |
| 549 | + | .output Rule_Match_ruby_third_parties_bugsnag_2 |
| 550 | + | Rule_Match_ruby_third_parties_bugsnag_2(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Bugsnag"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "notify"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
370 | 551 | | // rule ruby_lang_weak_encryption |
371 | 552 | | .decl Rule_Match_ruby_lang_weak_encryption_0(node: AST_NodeId) |
372 | 553 | | .output Rule_Match_ruby_lang_weak_encryption_0 |
| skipped 19 lines |
392 | 573 | | .decl Rule_Match_ruby_lang_weak_encryption_7(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId) |
393 | 574 | | .output Rule_Match_ruby_lang_weak_encryption_7 |
394 | 575 | | Rule_Match_ruby_lang_weak_encryption_7(node1, node2, node3) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "do_block"), !AST_NodeField(node4, _, "parameters"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
395 | | - | // rule ruby_third_parties_algolia_client |
396 | | - | .decl Rule_Match_ruby_third_parties_algolia_client_0(node: AST_NodeId) |
397 | | - | .output Rule_Match_ruby_third_parties_algolia_client_0 |
398 | | - | Rule_Match_ruby_third_parties_algolia_client_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Algolia"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Search"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Client"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "create"). |
399 | | - | // rule ruby_lang_path_using_user_input_pathname |
400 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_pathname_0(node: AST_NodeId) |
401 | | - | .output Rule_Match_ruby_lang_path_using_user_input_pathname_0 |
402 | | - | Rule_Match_ruby_lang_path_using_user_input_pathname_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rails"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "root"). |
403 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_pathname_1(node: AST_NodeId) |
404 | | - | .output Rule_Match_ruby_lang_path_using_user_input_pathname_1 |
405 | | - | Rule_Match_ruby_lang_path_using_user_input_pathname_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Pathname"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _). |
406 | | - | // rule google_dataflow_description_classes |
407 | | - | .decl Rule_Match_google_dataflow_description_classes_1(node: AST_NodeId, node2: AST_NodeId) |
408 | | - | .output Rule_Match_google_dataflow_description_classes_1 |
409 | | - | Rule_Match_google_dataflow_description_classes_1(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "get_snapshot"). |
410 | | - | // rule google_dataflow_template_metadata_init |
| 576 | + | // rule ruby_lang_http_url_using_user_input_curb |
| 577 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_curb_0(node: AST_NodeId) |
| 578 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_curb_0 |
| 579 | + | Rule_Match_ruby_lang_http_url_using_user_input_curb_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Curl"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Easy"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 580 | + | // rule ruby_lang_exec_using_user_input_shell_cmd_proc |
| 581 | + | .decl Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_0(node: AST_NodeId, node2: AST_NodeId) |
| 582 | + | .output Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_0 |
| 583 | + | Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "command_processor"). |
| 584 | + | .decl Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_1(node: AST_NodeId) |
| 585 | + | .output Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_1 |
| 586 | + | Rule_Match_ruby_lang_exec_using_user_input_shell_cmd_proc_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Shell"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "CommandProcessor"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 587 | + | // rule ruby_third_parties_algolia |
| 588 | + | .decl Rule_Match_ruby_third_parties_algolia_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 589 | + | .output Rule_Match_ruby_third_parties_algolia_0 |
| 590 | + | Rule_Match_ruby_third_parties_algolia_0(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 591 | + | // rule ruby_lang_http_post_insecure_with_data |
| 592 | + | .decl Rule_Match_ruby_lang_http_post_insecure_with_data_0(node: AST_NodeId, node7: AST_NodeId, node8: AST_NodeId) |
| 593 | + | .output Rule_Match_ruby_lang_http_post_insecure_with_data_0 |
| 594 | + | Rule_Match_ruby_lang_http_post_insecure_with_data_0(node1, node7, node8) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "HTTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "post_form"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _), AST_ParentChild(node6, 1, node8), AST_NodeType(node8, _). |
| 595 | + | .decl Rule_Match_ruby_lang_http_post_insecure_with_data_1(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId, node6: AST_NodeId) |
| 596 | + | .output Rule_Match_ruby_lang_http_post_insecure_with_data_1 |
| 597 | + | Rule_Match_ruby_lang_http_post_insecure_with_data_1(node1, node2, node5, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "post"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _), AST_ParentChild(node4, 1, node6), AST_NodeType(node6, _). |
| 598 | + | // rule google_dataflow_templates_service_client_init |
| 599 | + | .decl Rule_Match_google_dataflow_templates_service_client_init_1(node: AST_NodeId) |
| 600 | + | .output Rule_Match_google_dataflow_templates_service_client_init_1 |
| 601 | + | Rule_Match_google_dataflow_templates_service_client_init_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Dataflow"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "templates_service"). |
| 602 | + | // rule segment_init |
| 603 | + | .decl Rule_Match_segment_init_0(node: AST_NodeId) |
| 604 | + | .output Rule_Match_segment_init_0 |
| 605 | + | Rule_Match_segment_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Segment"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Analytics"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 606 | + | // rule ruby_third_parties_elasticsearch_client |
| 607 | + | .decl Rule_Match_ruby_third_parties_elasticsearch_client_0(node: AST_NodeId) |
| 608 | + | .output Rule_Match_ruby_third_parties_elasticsearch_client_0 |
| 609 | + | Rule_Match_ruby_third_parties_elasticsearch_client_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Elasticsearch"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Client"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 610 | + | .decl Rule_Match_ruby_third_parties_elasticsearch_client_1(node: AST_NodeId) |
| 611 | + | .output Rule_Match_ruby_third_parties_elasticsearch_client_1 |
| 612 | + | Rule_Match_ruby_third_parties_elasticsearch_client_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Elasticsearch"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Client"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 613 | + | // rule ruby_lang_regex_using_user_input |
| 614 | + | .decl Rule_Match_ruby_lang_regex_using_user_input_0(node: AST_NodeId, node3: AST_NodeId) |
| 615 | + | .output Rule_Match_ruby_lang_regex_using_user_input_0 |
| 616 | + | Rule_Match_ruby_lang_regex_using_user_input_0(node1, node3) :- AST_NodeType(node1, "regex"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "interpolation"), AST_ParentChild(node2, 0, node3), AST_NodeType(node3, _). |
| 617 | + | .decl Rule_Match_ruby_lang_regex_using_user_input_1(node: AST_NodeId, node3: AST_NodeId) |
| 618 | + | .output Rule_Match_ruby_lang_regex_using_user_input_1 |
| 619 | + | Rule_Match_ruby_lang_regex_using_user_input_1(node1, node3) :- AST_NodeType(node1, "regex"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "interpolation"), AST_ParentChild(node2, 0, node3), AST_NodeType(node3, _). |
| 620 | + | .decl Rule_Match_ruby_lang_regex_using_user_input_2(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 621 | + | .output Rule_Match_ruby_lang_regex_using_user_input_2 |
| 622 | + | Rule_Match_ruby_lang_regex_using_user_input_2(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Regexp"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
411 | 623 | | // rule ruby_lang_http_url_using_user_input_excon |
412 | 624 | | .decl Rule_Match_ruby_lang_http_url_using_user_input_excon_0(node: AST_NodeId) |
413 | 625 | | .output Rule_Match_ruby_lang_http_url_using_user_input_excon_0 |
| skipped 1 lines |
415 | 627 | | .decl Rule_Match_ruby_lang_http_url_using_user_input_excon_1(node: AST_NodeId) |
416 | 628 | | .output Rule_Match_ruby_lang_http_url_using_user_input_excon_1 |
417 | 629 | | Rule_Match_ruby_lang_http_url_using_user_input_excon_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Excon"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Connection"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 630 | + | // rule ruby_lang_weak_encryption_with_data_openssl_rsa_init |
| 631 | + | .decl Rule_Match_ruby_lang_weak_encryption_with_data_openssl_rsa_init_0(node: AST_NodeId) |
| 632 | + | .output Rule_Match_ruby_lang_weak_encryption_with_data_openssl_rsa_init_0 |
| 633 | + | Rule_Match_ruby_lang_weak_encryption_with_data_openssl_rsa_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "OpenSSL"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "PKey"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "RSA"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
| 634 | + | // rule ruby_lang_http_insecure_url_hash |
| 635 | + | .decl Rule_Match_ruby_lang_http_insecure_url_hash_0(node: AST_NodeId, node3: AST_NodeId) |
| 636 | + | .output Rule_Match_ruby_lang_http_insecure_url_hash_0 |
| 637 | + | Rule_Match_ruby_lang_http_insecure_url_hash_0(node1, node3) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":url"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "url")), AST_NodeField(node2, node3, "value"), AST_NodeType(node3, _). |
418 | 638 | | // rule google_dataflow_client_init |
419 | 639 | | .decl Rule_Match_google_dataflow_client_init_1(node: AST_NodeId, node7: AST_NodeId) |
420 | 640 | | .output Rule_Match_google_dataflow_client_init_1 |
421 | 641 | | Rule_Match_google_dataflow_client_init_1(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Dataflow"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, _). |
422 | | - | // rule ruby_lang_path_using_user_input |
423 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_0(node: AST_NodeId, node3: AST_NodeId) |
424 | | - | .output Rule_Match_ruby_lang_path_using_user_input_0 |
425 | | - | Rule_Match_ruby_lang_path_using_user_input_0(node1, node3) :- AST_NodeType(node1, "element_reference"), AST_NodeField(node1, node2, "object"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Dir"), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _). |
426 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_1(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
427 | | - | .output Rule_Match_ruby_lang_path_using_user_input_1 |
428 | | - | Rule_Match_ruby_lang_path_using_user_input_1(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
429 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_2(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
430 | | - | .output Rule_Match_ruby_lang_path_using_user_input_2 |
431 | | - | Rule_Match_ruby_lang_path_using_user_input_2(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "IO"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
432 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_3(node: AST_NodeId, node5: AST_NodeId) |
433 | | - | .output Rule_Match_ruby_lang_path_using_user_input_3 |
434 | | - | Rule_Match_ruby_lang_path_using_user_input_3(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Kernel"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "open"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
435 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_4(node: AST_NodeId, node4: AST_NodeId) |
436 | | - | .output Rule_Match_ruby_lang_path_using_user_input_4 |
437 | | - | Rule_Match_ruby_lang_path_using_user_input_4(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "open"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
438 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_5(node: AST_NodeId, node5: AST_NodeId) |
439 | | - | .output Rule_Match_ruby_lang_path_using_user_input_5 |
440 | | - | Rule_Match_ruby_lang_path_using_user_input_5(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "PStore"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
441 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_6(node: AST_NodeId, node5: AST_NodeId, node7: AST_NodeId) |
442 | | - | .output Rule_Match_ruby_lang_path_using_user_input_6 |
443 | | - | Rule_Match_ruby_lang_path_using_user_input_6(node1, node5, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Gem"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Util"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, _), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
444 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_7(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
445 | | - | .output Rule_Match_ruby_lang_path_using_user_input_7 |
446 | | - | Rule_Match_ruby_lang_path_using_user_input_7(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
447 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_8(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
448 | | - | .output Rule_Match_ruby_lang_path_using_user_input_8 |
449 | | - | Rule_Match_ruby_lang_path_using_user_input_8(node1, node2, node4) :- AST_NodeType(node1, "binary"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "operator"), AST_NodeType(node3, "+"), AST_NodeField(node1, node4, "right"), AST_NodeType(node4, _). |
450 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_9(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
451 | | - | .output Rule_Match_ruby_lang_path_using_user_input_9 |
452 | | - | Rule_Match_ruby_lang_path_using_user_input_9(node1, node2, node4) :- AST_NodeType(node1, "binary"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "operator"), AST_NodeType(node3, "/"), AST_NodeField(node1, node4, "right"), AST_NodeType(node4, _). |
453 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_10(node: AST_NodeId, node5: AST_NodeId) |
454 | | - | .output Rule_Match_ruby_lang_path_using_user_input_10 |
455 | | - | Rule_Match_ruby_lang_path_using_user_input_10(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Shell"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "cd"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
456 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_11(node: AST_NodeId, node5: AST_NodeId) |
457 | | - | .output Rule_Match_ruby_lang_path_using_user_input_11 |
458 | | - | Rule_Match_ruby_lang_path_using_user_input_11(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Shell"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
459 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_12(node: AST_NodeId, node5: AST_NodeId) |
460 | | - | .output Rule_Match_ruby_lang_path_using_user_input_12 |
461 | | - | Rule_Match_ruby_lang_path_using_user_input_12(node1, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Shell"), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "default_system_path"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
462 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_13(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
463 | | - | .output Rule_Match_ruby_lang_path_using_user_input_13 |
464 | | - | Rule_Match_ruby_lang_path_using_user_input_13(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
465 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_14(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
466 | | - | .output Rule_Match_ruby_lang_path_using_user_input_14 |
467 | | - | Rule_Match_ruby_lang_path_using_user_input_14(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
468 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_15(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
469 | | - | .output Rule_Match_ruby_lang_path_using_user_input_15 |
470 | | - | Rule_Match_ruby_lang_path_using_user_input_15(node1, node2, node4) :- AST_NodeType(node1, "element_reference"), AST_NodeField(node1, node2, "object"), AST_NodeType(node2, _), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _), AST_ParentChild(node1, 1, node4), AST_NodeType(node4, _). |
471 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_16(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
472 | | - | .output Rule_Match_ruby_lang_path_using_user_input_16 |
473 | | - | Rule_Match_ruby_lang_path_using_user_input_16(node1, node2, node5) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "transact"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "do_block"), !AST_NodeField(node4, _, "parameters"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
474 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_17(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
475 | | - | .output Rule_Match_ruby_lang_path_using_user_input_17 |
476 | | - | Rule_Match_ruby_lang_path_using_user_input_17(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), !AST_NodeField(node1, _, "receiver"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar1"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar1")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
477 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_18(node: AST_NodeId, node2: AST_NodeId, node6: AST_NodeId) |
478 | | - | .output Rule_Match_ruby_lang_path_using_user_input_18 |
479 | | - | Rule_Match_ruby_lang_path_using_user_input_18(node1, node2, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "hash"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, "pair"), AST_NodeField(node5, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":CurioVar1"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "CurioVar1")), AST_NodeField(node5, node6, "value"), AST_NodeType(node6, _). |
480 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_19(node: AST_NodeId, node4: AST_NodeId) |
481 | | - | .output Rule_Match_ruby_lang_path_using_user_input_19 |
482 | | - | Rule_Match_ruby_lang_path_using_user_input_19(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "send_file"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
| 642 | + | // rule ruby_lang_jwt |
| 643 | + | .decl Rule_Match_ruby_lang_jwt_0(node: AST_NodeId, node5: AST_NodeId) |
| 644 | + | .output Rule_Match_ruby_lang_jwt_0 |
| 645 | + | Rule_Match_ruby_lang_jwt_0(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "JWT"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "encode"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 646 | + | // rule ruby_third_parties_segment |
| 647 | + | .decl Rule_Match_ruby_third_parties_segment_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 648 | + | .output Rule_Match_ruby_third_parties_segment_0 |
| 649 | + | Rule_Match_ruby_third_parties_segment_0(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 650 | + | // rule ruby_third_parties_google_analytics |
| 651 | + | // rule ruby_lang_eval_using_user_input_user_input |
| 652 | + | .decl Rule_Match_ruby_lang_eval_using_user_input_user_input_0(node: AST_NodeId) |
| 653 | + | .output Rule_Match_ruby_lang_eval_using_user_input_user_input_0 |
| 654 | + | Rule_Match_ruby_lang_eval_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 655 | + | .decl Rule_Match_ruby_lang_eval_using_user_input_user_input_1(node: AST_NodeId) |
| 656 | + | .output Rule_Match_ruby_lang_eval_using_user_input_user_input_1 |
| 657 | + | Rule_Match_ruby_lang_eval_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 658 | + | .decl Rule_Match_ruby_lang_eval_using_user_input_user_input_2(node: AST_NodeId) |
| 659 | + | .output Rule_Match_ruby_lang_eval_using_user_input_user_input_2 |
| 660 | + | Rule_Match_ruby_lang_eval_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 661 | + | .decl Rule_Match_ruby_lang_eval_using_user_input_user_input_3(node: AST_NodeId) |
| 662 | + | .output Rule_Match_ruby_lang_eval_using_user_input_user_input_3 |
| 663 | + | Rule_Match_ruby_lang_eval_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
| 664 | + | // rule google_dataflow_description_classes |
| 665 | + | .decl Rule_Match_google_dataflow_description_classes_1(node: AST_NodeId, node2: AST_NodeId) |
| 666 | + | .output Rule_Match_google_dataflow_description_classes_1 |
| 667 | + | Rule_Match_google_dataflow_description_classes_1(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "get_snapshot"). |
| 668 | + | // rule ruby_lang_path_using_user_input_pathname |
| 669 | + | .decl Rule_Match_ruby_lang_path_using_user_input_pathname_0(node: AST_NodeId) |
| 670 | + | .output Rule_Match_ruby_lang_path_using_user_input_pathname_0 |
| 671 | + | Rule_Match_ruby_lang_path_using_user_input_pathname_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rails"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "root"). |
| 672 | + | .decl Rule_Match_ruby_lang_path_using_user_input_pathname_1(node: AST_NodeId) |
| 673 | + | .output Rule_Match_ruby_lang_path_using_user_input_pathname_1 |
| 674 | + | Rule_Match_ruby_lang_path_using_user_input_pathname_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Pathname"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _). |
| 675 | + | // rule rc4_init |
| 676 | + | .decl Rule_Match_rc4_init_0(node: AST_NodeId) |
| 677 | + | .output Rule_Match_rc4_init_0 |
| 678 | + | Rule_Match_rc4_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "RC4"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"). |
483 | 679 | | // rule ruby_lang_http_url_using_user_input |
484 | 680 | | .decl Rule_Match_ruby_lang_http_url_using_user_input_0(node: AST_NodeId, node5: AST_NodeId, node7: AST_NodeId) |
485 | 681 | | .output Rule_Match_ruby_lang_http_url_using_user_input_0 |
| skipped 52 lines |
538 | 734 | | .decl Rule_Match_ruby_lang_http_url_using_user_input_19(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
539 | 735 | | .output Rule_Match_ruby_lang_http_url_using_user_input_19 |
540 | 736 | | Rule_Match_ruby_lang_http_url_using_user_input_19(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "post"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
541 | | - | // rule ruby_lang_http_url_using_user_input_net_http_new |
542 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_net_http_new_1(node: AST_NodeId, node5: AST_NodeId) |
543 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_net_http_new_1 |
544 | | - | Rule_Match_ruby_lang_http_url_using_user_input_net_http_new_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "HTTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, _), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
545 | | - | // rule ruby_rails_logger |
546 | | - | .decl Rule_Match_ruby_rails_logger_0(node: AST_NodeId, node5: AST_NodeId, node7: AST_NodeId) |
547 | | - | .output Rule_Match_ruby_rails_logger_0 |
548 | | - | Rule_Match_ruby_rails_logger_0(node1, node5, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Rails"), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "logger"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, _), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
549 | | - | // rule ruby_lang_insecure_ftp |
550 | | - | .decl Rule_Match_ruby_lang_insecure_ftp_0(node: AST_NodeId) |
551 | | - | .output Rule_Match_ruby_lang_insecure_ftp_0 |
552 | | - | Rule_Match_ruby_lang_insecure_ftp_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
553 | | - | .decl Rule_Match_ruby_lang_insecure_ftp_1(node: AST_NodeId, node7: AST_NodeId) |
554 | | - | .output Rule_Match_ruby_lang_insecure_ftp_1 |
555 | | - | Rule_Match_ruby_lang_insecure_ftp_1(node1, node7) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"), AST_NodeField(node1, node6, "block"), AST_NodeType(node6, "do_block"), !AST_NodeField(node6, _, "parameters"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
556 | | - | .decl Rule_Match_ruby_lang_insecure_ftp_2(node: AST_NodeId) |
557 | | - | .output Rule_Match_ruby_lang_insecure_ftp_2 |
558 | | - | Rule_Match_ruby_lang_insecure_ftp_2(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"). |
559 | | - | // rule ruby_third_parties_elasticsearch_client |
560 | | - | .decl Rule_Match_ruby_third_parties_elasticsearch_client_0(node: AST_NodeId) |
561 | | - | .output Rule_Match_ruby_third_parties_elasticsearch_client_0 |
562 | | - | Rule_Match_ruby_third_parties_elasticsearch_client_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Elasticsearch"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Client"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
563 | | - | .decl Rule_Match_ruby_third_parties_elasticsearch_client_1(node: AST_NodeId) |
564 | | - | .output Rule_Match_ruby_third_parties_elasticsearch_client_1 |
565 | | - | Rule_Match_ruby_third_parties_elasticsearch_client_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Elasticsearch"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Client"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
566 | | - | // rule ruby_lang_http_post_insecure_with_data |
567 | | - | .decl Rule_Match_ruby_lang_http_post_insecure_with_data_0(node: AST_NodeId, node7: AST_NodeId, node8: AST_NodeId) |
568 | | - | .output Rule_Match_ruby_lang_http_post_insecure_with_data_0 |
569 | | - | Rule_Match_ruby_lang_http_post_insecure_with_data_0(node1, node7, node8) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "HTTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "post_form"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _), AST_ParentChild(node6, 1, node8), AST_NodeType(node8, _). |
570 | | - | .decl Rule_Match_ruby_lang_http_post_insecure_with_data_1(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId, node6: AST_NodeId) |
571 | | - | .output Rule_Match_ruby_lang_http_post_insecure_with_data_1 |
572 | | - | Rule_Match_ruby_lang_http_post_insecure_with_data_1(node1, node2, node5, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "post"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _), AST_ParentChild(node4, 1, node6), AST_NodeType(node6, _). |
573 | | - | // rule rc4_init |
574 | | - | .decl Rule_Match_rc4_init_0(node: AST_NodeId) |
575 | | - | .output Rule_Match_rc4_init_0 |
576 | | - | Rule_Match_rc4_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "RC4"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"). |
577 | | - | // rule ruby_rails_password_length |
578 | | - | // rule ruby_lang_reflection_using_user_input |
579 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
580 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_0 |
581 | | - | Rule_Match_ruby_lang_reflection_using_user_input_0(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
582 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_1(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
583 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_1 |
584 | | - | Rule_Match_ruby_lang_reflection_using_user_input_1(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
585 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_2(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
586 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_2 |
587 | | - | Rule_Match_ruby_lang_reflection_using_user_input_2(node1, node2, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
588 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_3(node: AST_NodeId, node2: AST_NodeId) |
589 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_3 |
590 | | - | Rule_Match_ruby_lang_reflection_using_user_input_3(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "to_proc"). |
591 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_4(node: AST_NodeId, node5: AST_NodeId) |
592 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_4 |
593 | | - | Rule_Match_ruby_lang_reflection_using_user_input_4(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "block_argument"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
594 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_5(node: AST_NodeId, node6: AST_NodeId) |
595 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_5 |
596 | | - | Rule_Match_ruby_lang_reflection_using_user_input_5(node1, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, "block_argument"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
597 | | - | .decl Rule_Match_ruby_lang_reflection_using_user_input_6(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId) |
598 | | - | .output Rule_Match_ruby_lang_reflection_using_user_input_6 |
599 | | - | Rule_Match_ruby_lang_reflection_using_user_input_6(node1, node2, node3) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _). |
600 | | - | // rule ruby_third_parties_bigquery_insert_async |
601 | | - | .decl Rule_Match_ruby_third_parties_bigquery_insert_async_0(node: AST_NodeId, node2: AST_NodeId) |
602 | | - | .output Rule_Match_ruby_third_parties_bigquery_insert_async_0 |
603 | | - | Rule_Match_ruby_third_parties_bigquery_insert_async_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "insert_async"). |
604 | | - | .decl Rule_Match_ruby_third_parties_bigquery_insert_async_1(node: AST_NodeId, node2: AST_NodeId) |
605 | | - | .output Rule_Match_ruby_third_parties_bigquery_insert_async_1 |
606 | | - | Rule_Match_ruby_third_parties_bigquery_insert_async_1(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "insert_async"). |
607 | | - | .decl Rule_Match_ruby_third_parties_bigquery_insert_async_2(node: AST_NodeId, node2: AST_NodeId) |
608 | | - | .output Rule_Match_ruby_third_parties_bigquery_insert_async_2 |
609 | | - | Rule_Match_ruby_third_parties_bigquery_insert_async_2(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "insert_async"). |
610 | | - | // rule ruby_rails_permissive_regex_validation |
611 | | - | .decl Rule_Match_ruby_rails_permissive_regex_validation_0(node: AST_NodeId, node7: AST_NodeId) |
612 | | - | .output Rule_Match_ruby_rails_permissive_regex_validation_0 |
613 | | - | Rule_Match_ruby_rails_permissive_regex_validation_0(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "validates"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":format"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "format")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, "hash"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, "pair"), AST_NodeField(node6, tmp1, "key"), (AST_NodeType(tmp1, "simple_symbol"), AST_NodeContent(tmp1, ":with"); AST_NodeType(tmp1, "hash_key_symbol"), AST_NodeContent(tmp1, "with")), AST_NodeField(node6, node7, "value"), AST_NodeType(node7, _). |
614 | | - | .decl Rule_Match_ruby_rails_permissive_regex_validation_1(node: AST_NodeId, node5: AST_NodeId) |
615 | | - | .output Rule_Match_ruby_rails_permissive_regex_validation_1 |
616 | | - | Rule_Match_ruby_rails_permissive_regex_validation_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "validates_format_of"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "pair"), AST_NodeField(node4, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":with"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "with")), AST_NodeField(node4, node5, "value"), AST_NodeType(node5, _). |
617 | | - | // rule ruby_lang_jwt |
618 | | - | .decl Rule_Match_ruby_lang_jwt_0(node: AST_NodeId, node5: AST_NodeId) |
619 | | - | .output Rule_Match_ruby_lang_jwt_0 |
620 | | - | Rule_Match_ruby_lang_jwt_0(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "JWT"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "encode"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 737 | + | // rule ruby_lang_ssl_verification |
| 738 | + | // rule ruby_lang_weak_encryption_with_data_openssl_dsa_init |
| 739 | + | .decl Rule_Match_ruby_lang_weak_encryption_with_data_openssl_dsa_init_0(node: AST_NodeId) |
| 740 | + | .output Rule_Match_ruby_lang_weak_encryption_with_data_openssl_dsa_init_0 |
| 741 | + | Rule_Match_ruby_lang_weak_encryption_with_data_openssl_dsa_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "OpenSSL"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "PKey"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "DSA"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
| 742 | + | // rule ruby_third_parties_datadog |
| 743 | + | .decl Rule_Match_ruby_third_parties_datadog_1(node: AST_NodeId, node2: AST_NodeId, node6: AST_NodeId) |
| 744 | + | .output Rule_Match_ruby_third_parties_datadog_1 |
| 745 | + | Rule_Match_ruby_third_parties_datadog_1(node1, node2, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "set_tag"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _), AST_ParentChild(node4, 1, node6), AST_NodeType(node6, _). |
| 746 | + | .decl Rule_Match_ruby_third_parties_datadog_2(node: AST_NodeId, node8: AST_NodeId) |
| 747 | + | .output Rule_Match_ruby_third_parties_datadog_2 |
| 748 | + | Rule_Match_ruby_third_parties_datadog_2(node1, node8) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Datadog"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Tracing"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "trace"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _), AST_ParentChild(node6, 1, node8), AST_NodeType(node8, _). |
| 749 | + | // rule ruby_lang_http_url_using_user_input_url_hash |
| 750 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_url_hash_0(node: AST_NodeId, node3: AST_NodeId) |
| 751 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_url_hash_0 |
| 752 | + | Rule_Match_ruby_lang_http_url_using_user_input_url_hash_0(node1, node3) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":url"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "url")), AST_NodeField(node2, node3, "value"), AST_NodeType(node3, _). |
| 753 | + | // rule ruby_lang_ftp_using_user_input |
| 754 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_0(node: AST_NodeId, node7: AST_NodeId) |
| 755 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_0 |
| 756 | + | Rule_Match_ruby_lang_ftp_using_user_input_0(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 757 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_1(node: AST_NodeId, node7: AST_NodeId) |
| 758 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_1 |
| 759 | + | Rule_Match_ruby_lang_ftp_using_user_input_1(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
| 760 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_2(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 761 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_2 |
| 762 | + | Rule_Match_ruby_lang_ftp_using_user_input_2(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
621 | 763 | | // rule ruby_third_parties_algolia_index |
622 | 764 | | .decl Rule_Match_ruby_third_parties_algolia_index_0(node: AST_NodeId, node2: AST_NodeId) |
623 | 765 | | .output Rule_Match_ruby_third_parties_algolia_index_0 |
624 | 766 | | Rule_Match_ruby_third_parties_algolia_index_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "init_index"). |
625 | | - | // rule ruby_rails_render_using_user_input_user_input |
626 | | - | .decl Rule_Match_ruby_rails_render_using_user_input_user_input_0(node: AST_NodeId) |
627 | | - | .output Rule_Match_ruby_rails_render_using_user_input_user_input_0 |
628 | | - | Rule_Match_ruby_rails_render_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
629 | | - | .decl Rule_Match_ruby_rails_render_using_user_input_user_input_1(node: AST_NodeId) |
630 | | - | .output Rule_Match_ruby_rails_render_using_user_input_user_input_1 |
631 | | - | Rule_Match_ruby_rails_render_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
632 | | - | .decl Rule_Match_ruby_rails_render_using_user_input_user_input_2(node: AST_NodeId) |
633 | | - | .output Rule_Match_ruby_rails_render_using_user_input_user_input_2 |
634 | | - | Rule_Match_ruby_rails_render_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
635 | | - | // rule ruby_lang_eval_using_user_input |
636 | | - | .decl Rule_Match_ruby_lang_eval_using_user_input_0(node: AST_NodeId, node7: AST_NodeId) |
637 | | - | .output Rule_Match_ruby_lang_eval_using_user_input_0 |
638 | | - | Rule_Match_ruby_lang_eval_using_user_input_0(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "RubyVM"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "InstructionSequence"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "compile"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
639 | | - | .decl Rule_Match_ruby_lang_eval_using_user_input_1(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
640 | | - | .output Rule_Match_ruby_lang_eval_using_user_input_1 |
641 | | - | Rule_Match_ruby_lang_eval_using_user_input_1(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
642 | | - | .decl Rule_Match_ruby_lang_eval_using_user_input_2(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
643 | | - | .output Rule_Match_ruby_lang_eval_using_user_input_2 |
644 | | - | Rule_Match_ruby_lang_eval_using_user_input_2(node1, node2, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
645 | | - | // rule ruby_third_parties_algolia |
646 | | - | .decl Rule_Match_ruby_third_parties_algolia_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
647 | | - | .output Rule_Match_ruby_third_parties_algolia_0 |
648 | | - | Rule_Match_ruby_third_parties_algolia_0(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
649 | | - | // rule ruby_third_parties_honeybadger |
650 | | - | .decl Rule_Match_ruby_third_parties_honeybadger_0(node: AST_NodeId, node5: AST_NodeId) |
651 | | - | .output Rule_Match_ruby_third_parties_honeybadger_0 |
652 | | - | Rule_Match_ruby_third_parties_honeybadger_0(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Honeybadger"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "notify"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
653 | | - | .decl Rule_Match_ruby_third_parties_honeybadger_1(node: AST_NodeId, node5: AST_NodeId) |
654 | | - | .output Rule_Match_ruby_third_parties_honeybadger_1 |
655 | | - | Rule_Match_ruby_third_parties_honeybadger_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Honeybadger"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "context"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
656 | | - | .decl Rule_Match_ruby_third_parties_honeybadger_2(node: AST_NodeId, node3: AST_NodeId) |
657 | | - | .output Rule_Match_ruby_third_parties_honeybadger_2 |
658 | | - | Rule_Match_ruby_third_parties_honeybadger_2(node1, node3) :- AST_NodeType(node1, "method"), !AST_NodeField(node1, _, "parameters"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "to_honeybadger_context"), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _). |
659 | | - | .decl Rule_Match_ruby_third_parties_honeybadger_3(node: AST_NodeId, node5: AST_NodeId) |
660 | | - | .output Rule_Match_ruby_third_parties_honeybadger_3 |
661 | | - | Rule_Match_ruby_third_parties_honeybadger_3(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Honeybadger"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "add_breadcrumb"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
662 | | - | // rule open_telemetry_current_span |
663 | | - | .decl Rule_Match_open_telemetry_current_span_0(node: AST_NodeId) |
664 | | - | .output Rule_Match_open_telemetry_current_span_0 |
665 | | - | Rule_Match_open_telemetry_current_span_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "OpenTelemetry"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Trace"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "current_span"). |
666 | | - | .decl Rule_Match_open_telemetry_current_span_1(node: AST_NodeId) |
667 | | - | .output Rule_Match_open_telemetry_current_span_1 |
668 | | - | Rule_Match_open_telemetry_current_span_1(node1) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "in_span"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "block"), AST_NodeField(node4, node5, "parameters"), AST_NodeType(node5, "block_parameters"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
| 767 | + | // rule ruby_lang_path_using_user_input_user_input |
| 768 | + | .decl Rule_Match_ruby_lang_path_using_user_input_user_input_0(node: AST_NodeId) |
| 769 | + | .output Rule_Match_ruby_lang_path_using_user_input_user_input_0 |
| 770 | + | Rule_Match_ruby_lang_path_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 771 | + | .decl Rule_Match_ruby_lang_path_using_user_input_user_input_1(node: AST_NodeId) |
| 772 | + | .output Rule_Match_ruby_lang_path_using_user_input_user_input_1 |
| 773 | + | Rule_Match_ruby_lang_path_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 774 | + | .decl Rule_Match_ruby_lang_path_using_user_input_user_input_2(node: AST_NodeId) |
| 775 | + | .output Rule_Match_ruby_lang_path_using_user_input_user_input_2 |
| 776 | + | Rule_Match_ruby_lang_path_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 777 | + | .decl Rule_Match_ruby_lang_path_using_user_input_user_input_3(node: AST_NodeId) |
| 778 | + | .output Rule_Match_ruby_lang_path_using_user_input_user_input_3 |
| 779 | + | Rule_Match_ruby_lang_path_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
669 | 780 | | // rule ruby_lang_exec_using_user_input |
670 | 781 | | .decl Rule_Match_ruby_lang_exec_using_user_input_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
671 | 782 | | .output Rule_Match_ruby_lang_exec_using_user_input_0 |
| skipped 31 lines |
703 | 814 | | .decl Rule_Match_ruby_lang_exec_using_user_input_11(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
704 | 815 | | .output Rule_Match_ruby_lang_exec_using_user_input_11 |
705 | 816 | | Rule_Match_ruby_lang_exec_using_user_input_11(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "system"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
706 | | - | // rule ruby_third_parties_bigquery_client |
707 | | - | .decl Rule_Match_ruby_third_parties_bigquery_client_0(node: AST_NodeId) |
708 | | - | .output Rule_Match_ruby_third_parties_bigquery_client_0 |
709 | | - | Rule_Match_ruby_third_parties_bigquery_client_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Bigquery"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
710 | | - | .decl Rule_Match_ruby_third_parties_bigquery_client_1(node: AST_NodeId) |
711 | | - | .output Rule_Match_ruby_third_parties_bigquery_client_1 |
712 | | - | Rule_Match_ruby_third_parties_bigquery_client_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Bigquery"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
713 | | - | // rule ruby_lang_http_url_using_user_input_url_hash |
714 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_url_hash_0(node: AST_NodeId, node3: AST_NodeId) |
715 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_url_hash_0 |
716 | | - | Rule_Match_ruby_lang_http_url_using_user_input_url_hash_0(node1, node3) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":url"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "url")), AST_NodeField(node2, node3, "value"), AST_NodeType(node3, _). |
717 | | - | // rule ruby_lang_http_url_using_user_input_path_hash |
718 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_path_hash_0(node: AST_NodeId, node3: AST_NodeId) |
719 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_path_hash_0 |
720 | | - | Rule_Match_ruby_lang_http_url_using_user_input_path_hash_0(node1, node3) :- AST_NodeType(node1, "hash"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "pair"), AST_NodeField(node2, tmp0, "key"), (AST_NodeType(tmp0, "simple_symbol"), AST_NodeContent(tmp0, ":path"); AST_NodeType(tmp0, "hash_key_symbol"), AST_NodeContent(tmp0, "path")), AST_NodeField(node2, node3, "value"), AST_NodeType(node3, _). |
721 | | - | // rule ruby_third_parties_datadog |
722 | | - | .decl Rule_Match_ruby_third_parties_datadog_1(node: AST_NodeId, node2: AST_NodeId, node6: AST_NodeId) |
723 | | - | .output Rule_Match_ruby_third_parties_datadog_1 |
724 | | - | Rule_Match_ruby_third_parties_datadog_1(node1, node2, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "set_tag"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _), AST_ParentChild(node4, 1, node6), AST_NodeType(node6, _). |
725 | | - | .decl Rule_Match_ruby_third_parties_datadog_2(node: AST_NodeId, node8: AST_NodeId) |
726 | | - | .output Rule_Match_ruby_third_parties_datadog_2 |
727 | | - | Rule_Match_ruby_third_parties_datadog_2(node1, node8) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Datadog"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Tracing"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "trace"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _), AST_ParentChild(node6, 1, node8), AST_NodeType(node8, _). |
728 | | - | // rule ruby_rails_redirect_to |
729 | | - | .decl Rule_Match_ruby_rails_redirect_to_0(node: AST_NodeId, node4: AST_NodeId) |
730 | | - | .output Rule_Match_ruby_rails_redirect_to_0 |
731 | | - | Rule_Match_ruby_rails_redirect_to_0(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "redirect_to"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
732 | | - | // rule ruby_third_parties_bigquery_table |
733 | | - | .decl Rule_Match_ruby_third_parties_bigquery_table_0(node: AST_NodeId, node2: AST_NodeId) |
734 | | - | .output Rule_Match_ruby_third_parties_bigquery_table_0 |
735 | | - | Rule_Match_ruby_third_parties_bigquery_table_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "table"). |
736 | | - | .decl Rule_Match_ruby_third_parties_bigquery_table_1(node: AST_NodeId, node2: AST_NodeId) |
737 | | - | .output Rule_Match_ruby_third_parties_bigquery_table_1 |
738 | | - | Rule_Match_ruby_third_parties_bigquery_table_1(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "create_table"). |
739 | | - | // rule ruby_third_parties_segment |
740 | | - | .decl Rule_Match_ruby_third_parties_segment_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
741 | | - | .output Rule_Match_ruby_third_parties_segment_0 |
742 | | - | Rule_Match_ruby_third_parties_segment_0(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
743 | | - | // rule ruby_lang_http_url_using_user_input_curb |
744 | | - | .decl Rule_Match_ruby_lang_http_url_using_user_input_curb_0(node: AST_NodeId) |
745 | | - | .output Rule_Match_ruby_lang_http_url_using_user_input_curb_0 |
746 | | - | Rule_Match_ruby_lang_http_url_using_user_input_curb_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Curl"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Easy"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
747 | | - | // rule ruby_lang_exception |
748 | | - | .decl Rule_Match_ruby_lang_exception_0(node: AST_NodeId, node4: AST_NodeId) |
749 | | - | .output Rule_Match_ruby_lang_exception_0 |
750 | | - | Rule_Match_ruby_lang_exception_0(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "raise"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
751 | | - | // rule ruby_lang_ssl_verification |
752 | | - | // rule ruby_lang_regex_using_user_input |
753 | | - | .decl Rule_Match_ruby_lang_regex_using_user_input_0(node: AST_NodeId, node3: AST_NodeId) |
754 | | - | .output Rule_Match_ruby_lang_regex_using_user_input_0 |
755 | | - | Rule_Match_ruby_lang_regex_using_user_input_0(node1, node3) :- AST_NodeType(node1, "regex"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "interpolation"), AST_ParentChild(node2, 0, node3), AST_NodeType(node3, _). |
756 | | - | .decl Rule_Match_ruby_lang_regex_using_user_input_1(node: AST_NodeId, node3: AST_NodeId) |
757 | | - | .output Rule_Match_ruby_lang_regex_using_user_input_1 |
758 | | - | Rule_Match_ruby_lang_regex_using_user_input_1(node1, node3) :- AST_NodeType(node1, "regex"), AST_ParentChild(node1, 0, node2), AST_NodeType(node2, "interpolation"), AST_ParentChild(node2, 0, node3), AST_NodeType(node3, _). |
759 | | - | .decl Rule_Match_ruby_lang_regex_using_user_input_2(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
760 | | - | .output Rule_Match_ruby_lang_regex_using_user_input_2 |
761 | | - | Rule_Match_ruby_lang_regex_using_user_input_2(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Regexp"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
762 | | - | // rule ruby_rails_insecure_communication |
| 817 | + | // rule open_telemetry_current_span |
| 818 | + | .decl Rule_Match_open_telemetry_current_span_0(node: AST_NodeId) |
| 819 | + | .output Rule_Match_open_telemetry_current_span_0 |
| 820 | + | Rule_Match_open_telemetry_current_span_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "OpenTelemetry"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Trace"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "current_span"). |
| 821 | + | .decl Rule_Match_open_telemetry_current_span_1(node: AST_NodeId) |
| 822 | + | .output Rule_Match_open_telemetry_current_span_1 |
| 823 | + | Rule_Match_open_telemetry_current_span_1(node1) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "in_span"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "block"), AST_NodeField(node4, node5, "parameters"), AST_NodeType(node5, "block_parameters"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
| 824 | + | // rule ruby_lang_path_using_user_input_shell |
| 825 | + | .decl Rule_Match_ruby_lang_path_using_user_input_shell_0(node: AST_NodeId) |
| 826 | + | .output Rule_Match_ruby_lang_path_using_user_input_shell_0 |
| 827 | + | Rule_Match_ruby_lang_path_using_user_input_shell_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Shell"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"). |
| 828 | + | // rule ruby_third_parties_google_dataflow |
| 829 | + | .decl Rule_Match_ruby_third_parties_google_dataflow_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 830 | + | .output Rule_Match_ruby_third_parties_google_dataflow_0 |
| 831 | + | Rule_Match_ruby_third_parties_google_dataflow_0(node1, node3, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "message_text"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
| 832 | + | .decl Rule_Match_ruby_third_parties_google_dataflow_1(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 833 | + | .output Rule_Match_ruby_third_parties_google_dataflow_1 |
| 834 | + | Rule_Match_ruby_third_parties_google_dataflow_1(node1, node3, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "description"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
| 835 | + | .decl Rule_Match_ruby_third_parties_google_dataflow_2(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 836 | + | .output Rule_Match_ruby_third_parties_google_dataflow_2 |
| 837 | + | Rule_Match_ruby_third_parties_google_dataflow_2(node1, node3, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "value"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
| 838 | + | .decl Rule_Match_ruby_third_parties_google_dataflow_3(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
| 839 | + | .output Rule_Match_ruby_third_parties_google_dataflow_3 |
| 840 | + | Rule_Match_ruby_third_parties_google_dataflow_3(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "create_job_from_template"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 841 | + | .decl Rule_Match_ruby_third_parties_google_dataflow_4(node: AST_NodeId, node3: AST_NodeId, node4: AST_NodeId, node5: AST_NodeId) |
| 842 | + | .output Rule_Match_ruby_third_parties_google_dataflow_4 |
| 843 | + | Rule_Match_ruby_third_parties_google_dataflow_4(node1, node3, node4, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, _), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
| 844 | + | .decl Rule_Match_ruby_third_parties_google_dataflow_5(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
| 845 | + | .output Rule_Match_ruby_third_parties_google_dataflow_5 |
| 846 | + | Rule_Match_ruby_third_parties_google_dataflow_5(node1, node3, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "metadata"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
| 847 | + | // rule ruby_rails_redirect_to_user_input |
| 848 | + | .decl Rule_Match_ruby_rails_redirect_to_user_input_0(node: AST_NodeId) |
| 849 | + | .output Rule_Match_ruby_rails_redirect_to_user_input_0 |
| 850 | + | Rule_Match_ruby_rails_redirect_to_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 851 | + | .decl Rule_Match_ruby_rails_redirect_to_user_input_1(node: AST_NodeId) |
| 852 | + | .output Rule_Match_ruby_rails_redirect_to_user_input_1 |
| 853 | + | Rule_Match_ruby_rails_redirect_to_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 854 | + | .decl Rule_Match_ruby_rails_redirect_to_user_input_2(node: AST_NodeId) |
| 855 | + | .output Rule_Match_ruby_rails_redirect_to_user_input_2 |
| 856 | + | Rule_Match_ruby_rails_redirect_to_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 857 | + | // rule ruby_lang_http_url_using_user_input_user_input |
| 858 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_user_input_0(node: AST_NodeId) |
| 859 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_user_input_0 |
| 860 | + | Rule_Match_ruby_lang_http_url_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 861 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_user_input_1(node: AST_NodeId) |
| 862 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_user_input_1 |
| 863 | + | Rule_Match_ruby_lang_http_url_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 864 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_user_input_2(node: AST_NodeId) |
| 865 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_user_input_2 |
| 866 | + | Rule_Match_ruby_lang_http_url_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 867 | + | .decl Rule_Match_ruby_lang_http_url_using_user_input_user_input_3(node: AST_NodeId) |
| 868 | + | .output Rule_Match_ruby_lang_http_url_using_user_input_user_input_3 |
| 869 | + | Rule_Match_ruby_lang_http_url_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
763 | 870 | | // rule ruby_lang_file_generation_file |
764 | 871 | | .decl Rule_Match_ruby_lang_file_generation_file_0(node: AST_NodeId) |
765 | 872 | | .output Rule_Match_ruby_lang_file_generation_file_0 |
| skipped 19 lines |
785 | 892 | | .decl Rule_Match_ruby_lang_file_generation_file_7(node: AST_NodeId) |
786 | 893 | | .output Rule_Match_ruby_lang_file_generation_file_7 |
787 | 894 | | Rule_Match_ruby_lang_file_generation_file_7(node1) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "IO"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "open"), AST_NodeField(node1, node4, "block"), AST_NodeType(node4, "block"), AST_NodeField(node4, node5, "parameters"), AST_NodeType(node5, "block_parameters"), AST_ParentChild(node5, 0, node6), AST_NodeType(node6, _). |
788 | | - | // rule google_dataflow_templates_service_client_init |
789 | | - | .decl Rule_Match_google_dataflow_templates_service_client_init_1(node: AST_NodeId) |
790 | | - | .output Rule_Match_google_dataflow_templates_service_client_init_1 |
791 | | - | Rule_Match_google_dataflow_templates_service_client_init_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Dataflow"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "templates_service"). |
792 | | - | // rule ruby_lang_ftp_using_user_input |
793 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_0(node: AST_NodeId, node7: AST_NodeId) |
794 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_0 |
795 | | - | Rule_Match_ruby_lang_ftp_using_user_input_0(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
796 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_1(node: AST_NodeId, node7: AST_NodeId) |
797 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_1 |
798 | | - | Rule_Match_ruby_lang_ftp_using_user_input_1(node1, node7) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Net"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "FTP"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "open"), AST_NodeField(node1, node6, "arguments"), AST_NodeType(node6, "argument_list"), AST_ParentChild(node6, 0, node7), AST_NodeType(node7, _). |
799 | | - | .decl Rule_Match_ruby_lang_ftp_using_user_input_2(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
800 | | - | .output Rule_Match_ruby_lang_ftp_using_user_input_2 |
801 | | - | Rule_Match_ruby_lang_ftp_using_user_input_2(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
802 | | - | // rule ruby_third_parties_clickhouse_insert_rows |
803 | | - | // rule ruby_lang_regex_using_user_input_user_input |
804 | | - | .decl Rule_Match_ruby_lang_regex_using_user_input_user_input_0(node: AST_NodeId) |
805 | | - | .output Rule_Match_ruby_lang_regex_using_user_input_user_input_0 |
806 | | - | Rule_Match_ruby_lang_regex_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
807 | | - | .decl Rule_Match_ruby_lang_regex_using_user_input_user_input_1(node: AST_NodeId) |
808 | | - | .output Rule_Match_ruby_lang_regex_using_user_input_user_input_1 |
809 | | - | Rule_Match_ruby_lang_regex_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
810 | | - | .decl Rule_Match_ruby_lang_regex_using_user_input_user_input_2(node: AST_NodeId) |
811 | | - | .output Rule_Match_ruby_lang_regex_using_user_input_user_input_2 |
812 | | - | Rule_Match_ruby_lang_regex_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
813 | | - | .decl Rule_Match_ruby_lang_regex_using_user_input_user_input_3(node: AST_NodeId) |
814 | | - | .output Rule_Match_ruby_lang_regex_using_user_input_user_input_3 |
815 | | - | Rule_Match_ruby_lang_regex_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
816 | | - | // rule ruby_third_parties_datadog_span |
817 | | - | .decl Rule_Match_ruby_third_parties_datadog_span_1(node: AST_NodeId) |
818 | | - | .output Rule_Match_ruby_third_parties_datadog_span_1 |
819 | | - | Rule_Match_ruby_third_parties_datadog_span_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Datadog"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Tracing"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "active_span"). |
820 | | - | .decl Rule_Match_ruby_third_parties_datadog_span_2(node: AST_NodeId, node8: AST_NodeId) |
821 | | - | .output Rule_Match_ruby_third_parties_datadog_span_2 |
822 | | - | Rule_Match_ruby_third_parties_datadog_span_2(node1, node8) :- AST_NodeType(node1, "call"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Datadog"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Tracing"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "trace"), AST_NodeField(node1, node6, "block"), AST_NodeType(node6, "block"), AST_NodeField(node6, node7, "parameters"), AST_NodeType(node7, "block_parameters"), AST_ParentChild(node7, 0, node8), AST_NodeType(node8, _). |
823 | | - | // rule ruby_third_parties_open_telemetry |
824 | | - | .decl Rule_Match_ruby_third_parties_open_telemetry_0(node: AST_NodeId, node2: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
825 | | - | .output Rule_Match_ruby_third_parties_open_telemetry_0 |
826 | | - | Rule_Match_ruby_third_parties_open_telemetry_0(node1, node2, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
827 | | - | .decl Rule_Match_ruby_third_parties_open_telemetry_1(node: AST_NodeId, node6: AST_NodeId) |
828 | | - | .output Rule_Match_ruby_third_parties_open_telemetry_1 |
829 | | - | Rule_Match_ruby_third_parties_open_telemetry_1(node1, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "in_span"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _), AST_ParentChild(node4, 1, node6), AST_NodeType(node6, _). |
830 | | - | // rule google_dataflow_value_classes |
831 | | - | // rule ruby_rails_render_using_user_input_sanitized |
832 | | - | .decl Rule_Match_ruby_rails_render_using_user_input_sanitized_0(node: AST_NodeId, node2: AST_NodeId, node4: AST_NodeId) |
833 | | - | .output Rule_Match_ruby_rails_render_using_user_input_sanitized_0 |
834 | | - | Rule_Match_ruby_rails_render_using_user_input_sanitized_0(node1, node2, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
835 | | - | // rule ruby_third_parties_rollbar |
836 | | - | .decl Rule_Match_ruby_third_parties_rollbar_0(node: AST_NodeId, node5: AST_NodeId) |
837 | | - | .output Rule_Match_ruby_third_parties_rollbar_0 |
838 | | - | Rule_Match_ruby_third_parties_rollbar_0(node1, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "rollbar_context"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
839 | | - | .decl Rule_Match_ruby_third_parties_rollbar_1(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
840 | | - | .output Rule_Match_ruby_third_parties_rollbar_1 |
841 | | - | Rule_Match_ruby_third_parties_rollbar_1(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rollbar"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
842 | | - | .decl Rule_Match_ruby_third_parties_rollbar_2(node: AST_NodeId, node6: AST_NodeId) |
843 | | - | .output Rule_Match_ruby_third_parties_rollbar_2 |
844 | | - | Rule_Match_ruby_third_parties_rollbar_2(node1, node6) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rollbar"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "log"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _), AST_ParentChild(node4, 1, node6), AST_NodeType(node6, _). |
845 | | - | .decl Rule_Match_ruby_third_parties_rollbar_3(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
846 | | - | .output Rule_Match_ruby_third_parties_rollbar_3 |
847 | | - | Rule_Match_ruby_third_parties_rollbar_3(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "scope"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
848 | | - | .decl Rule_Match_ruby_third_parties_rollbar_4(node: AST_NodeId, node5: AST_NodeId) |
849 | | - | .output Rule_Match_ruby_third_parties_rollbar_4 |
850 | | - | Rule_Match_ruby_third_parties_rollbar_4(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Rollbar"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "scoped"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
851 | | - | // rule ruby_lang_deserialization_of_user_input_user_input |
852 | | - | .decl Rule_Match_ruby_lang_deserialization_of_user_input_user_input_0(node: AST_NodeId) |
853 | | - | .output Rule_Match_ruby_lang_deserialization_of_user_input_user_input_0 |
854 | | - | Rule_Match_ruby_lang_deserialization_of_user_input_user_input_0(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
855 | | - | .decl Rule_Match_ruby_lang_deserialization_of_user_input_user_input_1(node: AST_NodeId, node1: AST_NodeId) |
856 | | - | .output Rule_Match_ruby_lang_deserialization_of_user_input_user_input_1 |
857 | | - | Rule_Match_ruby_lang_deserialization_of_user_input_user_input_1(node1, node1) :- AST_NodeType(node1, _). |
| 895 | + | // rule ruby_rails_session_key_using_user_input |
| 896 | + | .decl Rule_Match_ruby_rails_session_key_using_user_input_0(node: AST_NodeId, node3: AST_NodeId) |
| 897 | + | .output Rule_Match_ruby_rails_session_key_using_user_input_0 |
| 898 | + | Rule_Match_ruby_rails_session_key_using_user_input_0(node1, node3) :- AST_NodeType(node1, "element_reference"), AST_NodeField(node1, node2, "object"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "session"), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _). |
858 | 899 | | // rule ruby_lang_weak_encryption_with_data_blowfish_init |
859 | 900 | | .decl Rule_Match_ruby_lang_weak_encryption_with_data_blowfish_init_0(node: AST_NodeId) |
860 | 901 | | .output Rule_Match_ruby_lang_weak_encryption_with_data_blowfish_init_0 |
861 | 902 | | Rule_Match_ruby_lang_weak_encryption_with_data_blowfish_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Crypt"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Blowfish"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
862 | | - | // rule ruby_lang_http_get_params |
863 | | - | .decl Rule_Match_ruby_lang_http_get_params_0(node: AST_NodeId, node5: AST_NodeId) |
864 | | - | .output Rule_Match_ruby_lang_http_get_params_0 |
865 | | - | Rule_Match_ruby_lang_http_get_params_0(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "URI"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "encode_www_form"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
866 | | - | .decl Rule_Match_ruby_lang_http_get_params_1(node: AST_NodeId, node4: AST_NodeId) |
867 | | - | .output Rule_Match_ruby_lang_http_get_params_1 |
868 | | - | Rule_Match_ruby_lang_http_get_params_1(node1, node4) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "URI"), AST_NodeField(node1, node3, "arguments"), AST_NodeType(node3, "argument_list"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, _). |
869 | | - | .decl Rule_Match_ruby_lang_http_get_params_2(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
870 | | - | .output Rule_Match_ruby_lang_http_get_params_2 |
871 | | - | Rule_Match_ruby_lang_http_get_params_2(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "get"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
872 | | - | // rule ruby_lang_weak_encryption_with_data_openssl_dsa_init |
873 | | - | .decl Rule_Match_ruby_lang_weak_encryption_with_data_openssl_dsa_init_0(node: AST_NodeId) |
874 | | - | .output Rule_Match_ruby_lang_weak_encryption_with_data_openssl_dsa_init_0 |
875 | | - | Rule_Match_ruby_lang_weak_encryption_with_data_openssl_dsa_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "OpenSSL"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "PKey"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "DSA"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "new"). |
876 | | - | // rule ruby_lang_path_using_user_input_shell_cmd_proc |
877 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_0(node: AST_NodeId, node2: AST_NodeId) |
878 | | - | .output Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_0 |
879 | | - | Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_0(node1, node2) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "command_processor"). |
880 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_1(node: AST_NodeId) |
881 | | - | .output Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_1 |
882 | | - | Rule_Match_ruby_lang_path_using_user_input_shell_cmd_proc_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Shell"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "CommandProcessor"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
883 | | - | // rule ruby_rails_session_key_using_user_input |
884 | | - | .decl Rule_Match_ruby_rails_session_key_using_user_input_0(node: AST_NodeId, node3: AST_NodeId) |
885 | | - | .output Rule_Match_ruby_rails_session_key_using_user_input_0 |
886 | | - | Rule_Match_ruby_rails_session_key_using_user_input_0(node1, node3) :- AST_NodeType(node1, "element_reference"), AST_NodeField(node1, node2, "object"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "session"), AST_ParentChild(node1, 0, node3), AST_NodeType(node3, _). |
887 | | - | // rule ruby_third_parties_google_dataflow |
888 | | - | .decl Rule_Match_ruby_third_parties_google_dataflow_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
889 | | - | .output Rule_Match_ruby_third_parties_google_dataflow_0 |
890 | | - | Rule_Match_ruby_third_parties_google_dataflow_0(node1, node3, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "message_text"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
891 | | - | .decl Rule_Match_ruby_third_parties_google_dataflow_1(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
892 | | - | .output Rule_Match_ruby_third_parties_google_dataflow_1 |
893 | | - | Rule_Match_ruby_third_parties_google_dataflow_1(node1, node3, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "description"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
894 | | - | .decl Rule_Match_ruby_third_parties_google_dataflow_2(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
895 | | - | .output Rule_Match_ruby_third_parties_google_dataflow_2 |
896 | | - | Rule_Match_ruby_third_parties_google_dataflow_2(node1, node3, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "value"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
897 | | - | .decl Rule_Match_ruby_third_parties_google_dataflow_3(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
898 | | - | .output Rule_Match_ruby_third_parties_google_dataflow_3 |
899 | | - | Rule_Match_ruby_third_parties_google_dataflow_3(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "create_job_from_template"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
900 | | - | .decl Rule_Match_ruby_third_parties_google_dataflow_4(node: AST_NodeId, node3: AST_NodeId, node4: AST_NodeId, node5: AST_NodeId) |
901 | | - | .output Rule_Match_ruby_third_parties_google_dataflow_4 |
902 | | - | Rule_Match_ruby_third_parties_google_dataflow_4(node1, node3, node4, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, _), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
903 | | - | .decl Rule_Match_ruby_third_parties_google_dataflow_5(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
904 | | - | .output Rule_Match_ruby_third_parties_google_dataflow_5 |
905 | | - | Rule_Match_ruby_third_parties_google_dataflow_5(node1, node3, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "call"), !AST_NodeField(node2, _, "block"), (!AST_NodeField(node2, _, "arguments"); AST_NodeField(node2, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node2, node3, "receiver"), AST_NodeType(node3, _), AST_NodeField(node2, node4, "method"), AST_NodeType(node4, "identifier"), AST_NodeContent(node4, "metadata"), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
906 | | - | // rule ruby_lang_weak_encryption_with_data_rc4_init |
907 | | - | .decl Rule_Match_ruby_lang_weak_encryption_with_data_rc4_init_0(node: AST_NodeId) |
908 | | - | .output Rule_Match_ruby_lang_weak_encryption_with_data_rc4_init_0 |
909 | | - | Rule_Match_ruby_lang_weak_encryption_with_data_rc4_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "RC4"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"). |
910 | | - | // rule ruby_lang_logger |
911 | | - | .decl Rule_Match_ruby_lang_logger_0(node: AST_NodeId, node3: AST_NodeId, node5: AST_NodeId) |
912 | | - | .output Rule_Match_ruby_lang_logger_0 |
913 | | - | Rule_Match_ruby_lang_logger_0(node1, node3, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "identifier"), AST_NodeContent(node2, "logger"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, _), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 903 | + | // rule google_dataflow_snapshots_client_init |
| 904 | + | .decl Rule_Match_google_dataflow_snapshots_client_init_1(node: AST_NodeId) |
| 905 | + | .output Rule_Match_google_dataflow_snapshots_client_init_1 |
| 906 | + | Rule_Match_google_dataflow_snapshots_client_init_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "scope_resolution"), AST_NodeField(node3, node4, "scope"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Google"), AST_NodeField(node3, node5, "name"), AST_NodeType(node5, "constant"), AST_NodeContent(node5, "Cloud"), AST_NodeField(node2, node6, "name"), AST_NodeType(node6, "constant"), AST_NodeContent(node6, "Dataflow"), AST_NodeField(node1, node7, "method"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "snapshots"). |
| 907 | + | // rule ruby_lang_deserialization_of_user_input_sanitized_user_input |
| 908 | + | .decl Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_0(node: AST_NodeId) |
| 909 | + | .output Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_0 |
| 910 | + | Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "JSON"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "parse"). |
| 911 | + | .decl Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_1(node: AST_NodeId) |
| 912 | + | .output Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_1 |
| 913 | + | Rule_Match_ruby_lang_deserialization_of_user_input_sanitized_user_input_1(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "receiver"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "method"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Nokogiri"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "XML"). |
| 914 | + | // rule ruby_rails_session |
| 915 | + | .decl Rule_Match_ruby_rails_session_0(node: AST_NodeId, node5: AST_NodeId) |
| 916 | + | .output Rule_Match_ruby_rails_session_0 |
| 917 | + | Rule_Match_ruby_rails_session_0(node1, node5) :- AST_NodeType(node1, "assignment"), AST_NodeField(node1, node2, "left"), AST_NodeType(node2, "element_reference"), AST_NodeField(node2, node3, "object"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "session"), AST_ParentChild(node2, 0, node4), AST_NodeType(node4, _), AST_NodeField(node1, node5, "right"), AST_NodeType(node5, _). |
914 | 918 | | // rule ruby_third_parties_bigquery |
915 | 919 | | .decl Rule_Match_ruby_third_parties_bigquery_0(node: AST_NodeId, node2: AST_NodeId, node5: AST_NodeId) |
916 | 920 | | .output Rule_Match_ruby_third_parties_bigquery_0 |
917 | 921 | | Rule_Match_ruby_third_parties_bigquery_0(node1, node2, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "insert"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
918 | | - | // rule ruby_lang_path_using_user_input_shell |
919 | | - | .decl Rule_Match_ruby_lang_path_using_user_input_shell_0(node: AST_NodeId) |
920 | | - | .output Rule_Match_ruby_lang_path_using_user_input_shell_0 |
921 | | - | Rule_Match_ruby_lang_path_using_user_input_shell_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Shell"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "new"). |
922 | | - | // rule ruby_rails_session_key_using_user_input_user_input |
923 | | - | .decl Rule_Match_ruby_rails_session_key_using_user_input_user_input_0(node: AST_NodeId) |
924 | | - | .output Rule_Match_ruby_rails_session_key_using_user_input_user_input_0 |
925 | | - | Rule_Match_ruby_rails_session_key_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
926 | | - | .decl Rule_Match_ruby_rails_session_key_using_user_input_user_input_1(node: AST_NodeId) |
927 | | - | .output Rule_Match_ruby_rails_session_key_using_user_input_user_input_1 |
928 | | - | Rule_Match_ruby_rails_session_key_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
929 | | - | .decl Rule_Match_ruby_rails_session_key_using_user_input_user_input_2(node: AST_NodeId) |
930 | | - | .output Rule_Match_ruby_rails_session_key_using_user_input_user_input_2 |
931 | | - | Rule_Match_ruby_rails_session_key_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
932 | | - | // rule ruby_third_parties_bugsnag |
933 | | - | .decl Rule_Match_ruby_third_parties_bugsnag_1(node: AST_NodeId, node5: AST_NodeId) |
934 | | - | .output Rule_Match_ruby_third_parties_bugsnag_1 |
935 | | - | Rule_Match_ruby_third_parties_bugsnag_1(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Bugsnag"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "leave_breadcrumb"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
936 | | - | .decl Rule_Match_ruby_third_parties_bugsnag_2(node: AST_NodeId, node5: AST_NodeId) |
937 | | - | .output Rule_Match_ruby_third_parties_bugsnag_2 |
938 | | - | Rule_Match_ruby_third_parties_bugsnag_2(node1, node5) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "constant"), AST_NodeContent(node2, "Bugsnag"), AST_NodeField(node1, node3, "method"), AST_NodeType(node3, "identifier"), AST_NodeContent(node3, "notify"), AST_NodeField(node1, node4, "arguments"), AST_NodeType(node4, "argument_list"), AST_ParentChild(node4, 0, node5), AST_NodeType(node5, _). |
| 922 | + | // rule blowfish_init |
| 923 | + | .decl Rule_Match_blowfish_init_0(node: AST_NodeId) |
| 924 | + | .output Rule_Match_blowfish_init_0 |
| 925 | + | Rule_Match_blowfish_init_0(node1) :- AST_NodeType(node1, "call"), !AST_NodeField(node1, _, "block"), (!AST_NodeField(node1, _, "arguments"); AST_NodeField(node1, tmp0, "arguments"), !AST_ParentChild(tmp0, _, _)), AST_NodeField(node1, node2, "receiver"), AST_NodeType(node2, "scope_resolution"), AST_NodeField(node2, node3, "scope"), AST_NodeType(node3, "constant"), AST_NodeContent(node3, "Crypt"), AST_NodeField(node2, node4, "name"), AST_NodeType(node4, "constant"), AST_NodeContent(node4, "Blowfish"), AST_NodeField(node1, node5, "method"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "new"). |
| 926 | + | // rule ruby_lang_ftp_using_user_input_user_input |
| 927 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_user_input_0(node: AST_NodeId) |
| 928 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_user_input_0 |
| 929 | + | Rule_Match_ruby_lang_ftp_using_user_input_user_input_0(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "params"). |
| 930 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_user_input_1(node: AST_NodeId) |
| 931 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_user_input_1 |
| 932 | + | Rule_Match_ruby_lang_ftp_using_user_input_user_input_1(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "request"). |
| 933 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_user_input_2(node: AST_NodeId) |
| 934 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_user_input_2 |
| 935 | + | Rule_Match_ruby_lang_ftp_using_user_input_user_input_2(node1) :- AST_NodeType(node1, "identifier"), AST_NodeContent(node1, "cookies"). |
| 936 | + | .decl Rule_Match_ruby_lang_ftp_using_user_input_user_input_3(node: AST_NodeId) |
| 937 | + | .output Rule_Match_ruby_lang_ftp_using_user_input_user_input_3 |
| 938 | + | Rule_Match_ruby_lang_ftp_using_user_input_user_input_3(node1) :- AST_NodeType(node1, "method"), AST_NodeField(node1, node2, "name"), AST_NodeType(node2, _), AST_NodeField(node1, node3, "parameters"), AST_NodeType(node3, "method_parameters"), AST_ParentChild(node3, 0, node4), AST_NodeType(node4, "keyword_parameter"), !AST_NodeField(node4, _, "value"), AST_NodeField(node4, node5, "name"), AST_NodeType(node5, "identifier"), AST_NodeContent(node5, "event"), AST_ParentChild(node3, 1, node6), AST_NodeType(node6, "keyword_parameter"), !AST_NodeField(node6, _, "value"), AST_NodeField(node6, node7, "name"), AST_NodeType(node7, "identifier"), AST_NodeContent(node7, "context"). |
939 | 939 | | |