Ruby: Synthesize implicit super arguments

Author: hvitved

ruby/ql/lib/codeql/ruby/ast/Expr.qll

@@ -248,13 +248,7 @@ class ParenthesizedExpr extends StmtSequence, TParenthesizedExpr {
  * baz(qux: 1)
  * ```
  */
-class Pair extends Expr, TPair {
-  private Ruby::Pair g;
-
-  Pair() { this = TPair(g) }
-
-  final override string getAPrimaryQlClass() { result = "Pair" }
-
+class Pair extends Expr instanceof PairImpl {
   /**
    * Gets the key expression of this pair. For example, the `SymbolLiteral`
    * representing the keyword `foo` in the following example:
@@ -266,7 +260,7 @@ class Pair extends Expr, TPair {
    * { 'foo' => 123 }
    * ```
    */
-  final Expr getKey() { toGenerated(result) = g.getKey() }
+  final Expr getKey() { result = PairImpl.super.getKey() }
 
   /**
    * Gets the value expression of this pair. For example, the `IntegerLiteral`
@@ -275,20 +269,9 @@ class Pair extends Expr, TPair {
    * { 'foo' => 123 }
    * ```
    */
-  final Expr getValue() {
-    toGenerated(result) = g.getValue() or
-    synthChild(this, 0, result)
-  }
-
-  final override string toString() { result = "Pair" }
+  final Expr getValue() { result = PairImpl.super.getValue() }
 
-  final override AstNode getAChild(string pred) {
-    result = super.getAChild(pred)
-    or
-    pred = "getKey" and result = this.getKey()
-    or
-    pred = "getValue" and result = this.getValue()
-  }
+  final override string getAPrimaryQlClass() { result = "Pair" }
 }
 
 /**

ruby/ql/lib/codeql/ruby/ast/Literal.qll

@@ -305,7 +305,9 @@ class StringlikeLiteral extends Literal instanceof StringlikeLiteralImpl {
   final override AstNode getAChild(string pred) {
     result = Literal.super.getAChild(pred)
     or
-    pred = "getComponent" and result = this.getComponent(_)
+    pred = "getComponent" and
+    result = this.getComponent(_) and
+    not this instanceof SimpleSymbolLiteralSynth
   }
 }
 

ruby/ql/lib/codeql/ruby/ast/Operation.qll

@@ -92,10 +92,6 @@ class SplatExpr extends UnaryOperation, TSplatExpr {
  * ```
  */
 class HashSplatExpr extends UnaryOperation, THashSplatExpr {
-  private Ruby::HashSplatArgument g;
-
-  HashSplatExpr() { this = THashSplatExpr(g) }
-
   final override string getAPrimaryQlClass() { result = "HashSplatExpr" }
 }
 

ruby/ql/lib/codeql/ruby/ast/internal/AST.qll

@@ -164,7 +164,8 @@ private module Cached {
     THashKeySymbolLiteral(Ruby::HashKeySymbol g) or
     THashLiteral(Ruby::Hash g) or
     THashPattern(Ruby::HashPattern g) or
-    THashSplatExpr(Ruby::HashSplatArgument g) or
+    THashSplatExprReal(Ruby::HashSplatArgument g) or
+    THashSplatExprSynth(Ast::AstNode parent, int i) { mkSynthChild(HashSplatExprKind(), parent, i) } or
     THashSplatNilParameter(Ruby::HashSplatNil g) { not g.getParent() instanceof Ruby::HashPattern } or
     THashSplatParameter(Ruby::HashSplatParameter g) {
       not g.getParent() instanceof Ruby::HashPattern
@@ -232,7 +233,8 @@ private module Cached {
     TNotExprReal(Ruby::Unary g) { g instanceof @ruby_unary_bang or g instanceof @ruby_unary_not } or
     TNotExprSynth(Ast::AstNode parent, int i) { mkSynthChild(NotExprKind(), parent, i) } or
     TOptionalParameter(Ruby::OptionalParameter g) or
-    TPair(Ruby::Pair g) or
+    TPairReal(Ruby::Pair g) or
+    TPairSynth(Ast::AstNode parent, int i) { mkSynthChild(PairExprKind(), parent, i) } or
     TParenthesizedExpr(Ruby::ParenthesizedStatements g) or
     TParenthesizedPattern(Ruby::ParenthesizedPattern g) or
     TRShiftExprReal(Ruby::Binary g) { g instanceof @ruby_binary_ranglerangle } or
@@ -274,7 +276,10 @@ private module Cached {
     TSimpleParameterSynth(Ast::AstNode parent, int i) {
       mkSynthChild(SimpleParameterKind(), parent, i)
     } or
-    TSimpleSymbolLiteral(Ruby::SimpleSymbol g) or
+    TSimpleSymbolLiteralReal(Ruby::SimpleSymbol g) or
+    TSimpleSymbolLiteralSynth(Ast::AstNode parent, int i, string value) {
+      mkSynthChild(SymbolLiteralExprKind(value), parent, i)
+    } or
     TSingletonClass(Ruby::SingletonClass g) or
     TSingletonMethod(Ruby::SingletonMethod g) or
     TSpaceshipExpr(Ruby::Binary g) { g instanceof @ruby_binary_langleequalrangle } or
@@ -362,19 +367,19 @@ private module Cached {
         TEnsure or TEqExpr or TExponentExprReal or TFalseLiteral or TFile or TFindPattern or
         TFloatLiteral or TForExpr or TForwardParameter or TForwardArgument or TGEExpr or TGTExpr or
         TGlobalVariableAccessReal or THashKeySymbolLiteral or THashLiteral or THashPattern or
-        THashSplatExpr or THashSplatNilParameter or THashSplatParameter or THereDoc or
+        THashSplatExprReal or THashSplatNilParameter or THashSplatParameter or THereDoc or
         TIdentifierMethodCall or TIfReal or TIfModifierExpr or TInClauseReal or
         TInstanceVariableAccessReal or TIntegerLiteralReal or TKeywordParameter or TLEExpr or
         TLShiftExprReal or TLTExpr or TLambda or TLeftAssignmentList or TLine or
         TLocalVariableAccessReal or TLogicalAndExprReal or TLogicalOrExprReal or TMethod or
         TMatchPattern or TModuleDeclaration or TModuloExprReal or TMulExprReal or TNEExpr or
         TNextStmt or TNilLiteralReal or TNoRegExpMatchExpr or TNotExprReal or TOptionalParameter or
-        TPair or TParenthesizedExpr or TParenthesizedPattern or TRShiftExprReal or
+        TPairReal or TParenthesizedExpr or TParenthesizedPattern or TRShiftExprReal or
         TRangeLiteralReal or TRationalLiteral or TRedoStmt or TRegExpLiteral or TRegExpMatchExpr or
         TRegularArrayLiteral or TRegularMethodCall or TRegularStringLiteral or TRegularSuperCall or
         TRescueClause or TRescueModifierExpr or TRetryStmt or TReturnStmt or
         TScopeResolutionConstantAccess or TSelfReal or TSimpleParameterReal or
-        TSimpleSymbolLiteral or TSingletonClass or TSingletonMethod or TSpaceshipExpr or
+        TSimpleSymbolLiteralReal or TSingletonClass or TSingletonMethod or TSpaceshipExpr or
         TSplatExprReal or TSplatParameter or TStringArrayLiteral or TStringConcatenation or
         TStringEscapeSequenceComponent or TStringInterpolationComponent or TStringTextComponent or
         TSubExprReal or TSubshellLiteral or TSymbolArrayLiteral or TTernaryIfExpr or TTestPattern or
@@ -392,7 +397,8 @@ private module Cached {
         TLShiftExprSynth or TLocalVariableAccessSynth or TLogicalAndExprSynth or
         TLogicalOrExprSynth or TMethodCallSynth or TModuloExprSynth or TMulExprSynth or
         TNilLiteralSynth or TRShiftExprSynth or TRangeLiteralSynth or TSelfSynth or
-        TSimpleParameterSynth or TSplatExprSynth or TStmtSequenceSynth or TSubExprSynth;
+        TSimpleParameterSynth or TSplatExprSynth or THashSplatExprSynth or TStmtSequenceSynth or
+        TSubExprSynth or TPairSynth or TSimpleSymbolLiteralSynth;
 
   /**
    * Gets the underlying TreeSitter entity for a given AST node. This does not
@@ -468,7 +474,7 @@ private module Cached {
     n = THashKeySymbolLiteral(result) or
     n = THashLiteral(result) or
     n = THashPattern(result) or
-    n = THashSplatExpr(result) or
+    n = THashSplatExprReal(result) or
     n = THashSplatNilParameter(result) or
     n = THashSplatParameter(result) or
     n = THereDoc(result) or
@@ -499,7 +505,7 @@ private module Cached {
     n = TNoRegExpMatchExpr(result) or
     n = TNotExprReal(result) or
     n = TOptionalParameter(result) or
-    n = TPair(result) or
+    n = TPairReal(result) or
     n = TParenthesizedExpr(result) or
     n = TParenthesizedPattern(result) or
     n = TRangeLiteralReal(result) or
@@ -519,7 +525,7 @@ private module Cached {
     n = TScopeResolutionConstantAccess(result, _) or
     n = TSelfReal(result) or
     n = TSimpleParameterReal(result) or
-    n = TSimpleSymbolLiteral(result) or
+    n = TSimpleSymbolLiteralReal(result) or
     n = TSingletonClass(result) or
     n = TSingletonMethod(result) or
     n = TSpaceshipExpr(result) or
@@ -633,9 +639,15 @@ private module Cached {
     or
     result = TSplatExprSynth(parent, i)
     or
+    result = THashSplatExprSynth(parent, i)
+    or
     result = TStmtSequenceSynth(parent, i)
     or
     result = TSubExprSynth(parent, i)
+    or
+    result = TPairSynth(parent, i)
+    or
+    result = TSimpleSymbolLiteralSynth(parent, i, _)
   }
 
   /**
@@ -726,6 +738,8 @@ class TSelf = TSelfReal or TSelfSynth;
 
 class TDestructuredLhsExpr = TDestructuredLeftAssignment or TLeftAssignmentList;
 
+class TPair = TPairReal or TPairSynth;
+
 class TExpr =
   TSelf or TArgumentList or TRescueClause or TRescueModifierExpr or TPair or TStringConcatenation or
       TCall or TBlockArgument or TConstantAccess or TControlExpr or TLiteral or TCallable or
@@ -734,6 +748,8 @@ class TExpr =
 
 class TSplatExpr = TSplatExprReal or TSplatExprSynth;
 
+class THashSplatExpr = THashSplatExprReal or THashSplatExprSynth;
+
 class TElse = TElseReal or TElseSynth;
 
 class TStmtSequence =
@@ -768,13 +784,16 @@ class TStringInterpolationComponent =
   TStringInterpolationComponentNonRegexp or TStringInterpolationComponentRegexp;
 
 class TStringComponent =
-  TStringTextComponent or TStringEscapeSequenceComponent or TStringInterpolationComponent;
+  TStringTextComponent or TStringEscapeSequenceComponent or TStringInterpolationComponent or
+      TSimpleSymbolLiteralSynth;
 
 class TStringlikeLiteral =
   TStringLiteral or TRegExpLiteral or TSymbolLiteral or TSubshellLiteral or THereDoc;
 
 class TStringLiteral = TRegularStringLiteral or TBareStringLiteral;
 
+class TSimpleSymbolLiteral = TSimpleSymbolLiteralReal or TSimpleSymbolLiteralSynth;
+
 class TSymbolLiteral = TSimpleSymbolLiteral or TComplexSymbolLiteral or THashKeySymbolLiteral;
 
 class TComplexSymbolLiteral = TDelimitedSymbolLiteral or TBareSymbolLiteral;

ruby/ql/lib/codeql/ruby/ast/internal/Call.qll

@@ -2,6 +2,7 @@ private import TreeSitter
 private import Variable
 private import codeql.ruby.AST
 private import codeql.ruby.ast.internal.AST
+private import codeql.ruby.ast.internal.Scope
 
 predicate isIdentifierMethodCall(Ruby::Identifier g) { vcall(g) and not access(g, _) }
 
@@ -133,18 +134,61 @@ private string getSuperMethodName(Ruby::Super sup) {
   )
 }
 
+private Ruby::Identifier getParameter(Ruby::Method m, int pos, Ruby::AstNode param) {
+  scopeDefinesParameterVariable(m, _, result, pos) and
+  param = m.getParameters().getChild(pos)
+}
+
 class TokenSuperCall extends SuperCallImpl, TTokenSuperCall {
   private Ruby::Super g;
 
   TokenSuperCall() { this = TTokenSuperCall(g) }
 
+  Ruby::Method getEnclosingMethod() { result = scopeOf(toGenerated(this)).getEnclosingMethod() }
+
+  int getNumberOfImplicitArguments() {
+    exists(Ruby::Method encl |
+      encl = this.getEnclosingMethod() and
+      result = count(getParameter(encl, _, _))
+    )
+  }
+
+  /**
+   * Gets the local variable defined by parameter `param` which is used as an
+   * implicit argument at position `pos`.
+   *
+   * For example, in
+   *
+   * ```ruby
+   * class Sup
+   *     def m(x)
+   *     end
+   * end
+   *
+   * class Sub < Sup
+   *    def m(x)
+   *        super
+   *    end
+   * end
+   * ```
+   *
+   * `x` is an implicit argument at position 0 of the `super` call in `Sub#m`.
+   */
+  pragma[nomagic]
+  LocalVariableReal getImplicitArgument(int pos, Ruby::AstNode param) {
+    exists(Ruby::Method encl |
+      encl = this.getEnclosingMethod() and
+      toGenerated(result.getDefiningAccessImpl()) = getParameter(encl, pos, param)
+    )
+  }
+
   final override string getMethodNameImpl() { result = getSuperMethodName(g) }
 
   final override Expr getReceiverImpl() { none() }
 
-  final override Expr getArgumentImpl(int n) { none() }
+  final override Expr getArgumentImpl(int n) { synthChild(this, n, result) }
 
-  final override int getNumberOfArgumentsImpl() { result = 0 }
+  final override int getNumberOfArgumentsImpl() { result = this.getNumberOfImplicitArguments() }
 
   final override Block getBlockImpl() { none() }
 }

ruby/ql/lib/codeql/ruby/ast/internal/Expr.qll

@@ -120,3 +120,38 @@ class LeftAssignmentListImpl extends DestructuredLhsExprImpl, Ruby::LeftAssignme
       )
   }
 }
+
+abstract class PairImpl extends Expr, TPair {
+  abstract Expr getKey();
+
+  abstract Expr getValue();
+
+  final override string toString() { result = "Pair" }
+
+  final override AstNode getAChild(string pred) {
+    result = super.getAChild(pred)
+    or
+    pred = "getKey" and result = this.getKey()
+    or
+    pred = "getValue" and result = this.getValue()
+  }
+}
+
+class PairReal extends PairImpl, TPairReal {
+  private Ruby::Pair g;
+
+  PairReal() { this = TPairReal(g) }
+
+  final override Expr getKey() { toGenerated(result) = g.getKey() }
+
+  final override Expr getValue() {
+    toGenerated(result) = g.getValue() or
+    synthChild(this, 0, result)
+  }
+}
+
+class PairSynth extends PairImpl, TPairSynth {
+  final override Expr getKey() { synthChild(this, 0, result) }
+
+  final override Expr getValue() { synthChild(this, 1, result) }
+}

ruby/ql/lib/codeql/ruby/ast/internal/Literal.qll

@@ -608,16 +608,32 @@ class BareStringLiteral extends StringLiteralImpl, TBareStringLiteral {
 
 abstract class SymbolLiteralImpl extends StringlikeLiteralImpl, TSymbolLiteral { }
 
-class SimpleSymbolLiteral extends SymbolLiteralImpl, TSimpleSymbolLiteral {
+abstract class SimpleSymbolLiteralImpl extends SymbolLiteralImpl, TSimpleSymbolLiteral { }
+
+class SimpleSymbolLiteralReal extends SimpleSymbolLiteralImpl, TSimpleSymbolLiteral {
   private Ruby::SimpleSymbol g;
 
-  SimpleSymbolLiteral() { this = TSimpleSymbolLiteral(g) }
+  SimpleSymbolLiteralReal() { this = TSimpleSymbolLiteralReal(g) }
 
   final override StringComponent getComponentImpl(int n) { n = 0 and toGenerated(result) = g }
 
   final override string toString() { result = g.getValue() }
 }
 
+class SimpleSymbolLiteralSynth extends SimpleSymbolLiteralImpl, TSimpleSymbolLiteralSynth,
+  StringComponentImpl
+{
+  private string value;
+
+  SimpleSymbolLiteralSynth() { this = TSimpleSymbolLiteralSynth(_, _, value) }
+
+  final override string getValue() { result = value }
+
+  final override StringComponent getComponentImpl(int n) { n = 0 and result = this }
+
+  final override string toString() { result = value }
+}
+
 abstract class ComplexSymbolLiteral extends SymbolLiteralImpl, TComplexSymbolLiteral { }
 
 class DelimitedSymbolLiteral extends ComplexSymbolLiteral, TDelimitedSymbolLiteral {