Predicate UrlRedirect::taintStepViaMethodCallReturnValue
Some methods will propagate taint to their return values.
Here we cover a few common ones related to ActionController::Parameters
.
TODO: use ApiGraphs or something to restrict these method calls to the correct receiver, rather
than matching on method name alone.
Import path
import codeql.ruby.security.UrlRedirectCustomizations
predicate taintStepViaMethodCallReturnValue(Node node1, Node node2)