Expand Up @@ -885,7 +885,7 @@ module TestOutput {
/**
* Gets a string used to resolve ties in node and edge ordering.
*/
string getOrderDisambuigation() { result = "" }
string getOrderDisambiguation() { result = "" }
}

query predicate nodes(RelevantNode n, string attr, string val) {
Expand All @@ -900,7 +900,7 @@ module TestOutput {
order by
l.getFile().getBaseName(), l.getFile().getAbsolutePath(), l.getStartLine(),
l.getStartColumn(), l.getEndLine(), l.getEndColumn(), p.toString(),
p.getOrderDisambuigation()
p.getOrderDisambiguation()
)
).toString()
}
Expand All @@ -923,7 +923,7 @@ module TestOutput {
order by
l.getFile().getBaseName(), l.getFile().getAbsolutePath(), l.getStartLine(),
l.getStartColumn(), l.getEndLine(), l.getEndColumn(), t.toString(), s.toString(),
s.getOrderDisambuigation()
s.getOrderDisambiguation()
)
).toString()
}
Expand Up @@ -202,7 +202,7 @@ private predicate isFork(State q, InputSymbol s1, InputSymbol s2, State r1, Stat
//
// We additionally require that the there exists another InfiniteRepetitionQuantifier `mid` on the path from `q` to itself.
// This is done to avoid flagging regular expressions such as `/(a?)*b/` - that only has polynomial runtime, and is detected by `js/polynomial-redos`.
// The below code is therefore a heuritic, that only flags regular expressions such as `/(a*)*b/`,
// The below code is therefore a heuristic, that only flags regular expressions such as `/(a*)*b/`,
// and does not flag regular expressions such as `/(a?b?)c/`, but the latter pattern is not used frequently.
r1 = r2 and
q1 = q2 and
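Review bot: The context line two above the corrected one still reads `We additionally require that the there exists another InfiniteRepetitionQuantifier`, so the same comment keeps a duplicated word after this hunk fixes `heuritic`; change `that the there exists` to `that there exists`. The identical paragraph is left untouched in the three other copies of isFork in this pull request (the python and ruby sections and the later duplicate), so the fix applies to all four. The isFork predicate starts and ends outside the hunk.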
Expand Up @@ -76,7 +76,7 @@ class StateTuple extends TStateTuple {
StateTuple() { this = MkStateTuple(q1, q2, q3) }

/**
* Gest a string repesentation of this tuple.
* Gest a string representation of this tuple.
*/
string toString() { result = "(" + q1 + ", " + q2 + ", " + q3 + ")" }
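Review bot: The corrected doc comment for toString still begins `Gest a string representation of this tuple.`, so the hunk fixes one typo on the line and leaves another in place; it should read `Gets a string representation of this tuple.`, matching the `Gets ...` wording used for other getters in this pull request. The same line recurs unchanged in the three other StateTuple sections below. The StateTuple class continues past the hunk.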

@@ -1,5 +1,5 @@
/**
* Provides precicates for reasoning about bad tag filter vulnerabilities.
* Provides predicates for reasoning about bad tag filter vulnerabilities.
*/

import regexp.RegexpMatching
Expand Down Expand Up @@ -65,7 +65,7 @@ predicate isBadRegexpFilter(HtmlMatchingRegExp regexp, string msg) {
regexp.matches("<!-- foo --!>") and
exists(int a, int b | a != b |
regexp.fillsCaptureGroup("<!-- foo -->", a) and
// <!-- foo --> might be ambigously parsed (matching both capture groups), and that is ok here.
// <!-- foo --> might be ambiguously parsed (matching both capture groups), and that is ok here.
regexp.fillsCaptureGroup("<!-- foo --!>", b) and
not regexp.fillsCaptureGroup("<!-- foo --!>", a) and
msg =
Expand Up @@ -202,7 +202,7 @@ private predicate isFork(State q, InputSymbol s1, InputSymbol s2, State r1, Stat
//
// We additionally require that the there exists another InfiniteRepetitionQuantifier `mid` on the path from `q` to itself.
// This is done to avoid flagging regular expressions such as `/(a?)*b/` - that only has polynomial runtime, and is detected by `js/polynomial-redos`.
// The below code is therefore a heuritic, that only flags regular expressions such as `/(a*)*b/`,
// The below code is therefore a heuristic, that only flags regular expressions such as `/(a*)*b/`,
// and does not flag regular expressions such as `/(a?b?)c/`, but the latter pattern is not used frequently.
r1 = r2 and
q1 = q2 and
@@ -1,5 +1,5 @@
/**
* Provides precicates for reasoning about which strings are matched by a regular expression,
* Provides predicates for reasoning about which strings are matched by a regular expression,
* and for testing which capture groups are filled when a particular regexp matches a string.
*/

Expand Up @@ -76,7 +76,7 @@ class StateTuple extends TStateTuple {
StateTuple() { this = MkStateTuple(q1, q2, q3) }

/**
* Gest a string repesentation of this tuple.
* Gest a string representation of this tuple.
*/
string toString() { result = "(" + q1 + ", " + q2 + ", " + q3 + ")" }

4 changes: 2 additions & 2 deletions python/ql/lib/semmle/python/security/BadTagFilterQuery.qll
@@ -1,5 +1,5 @@
/**
* Provides precicates for reasoning about bad tag filter vulnerabilities.
* Provides predicates for reasoning about bad tag filter vulnerabilities.
*/

import regexp.RegexpMatching
Expand Down Expand Up @@ -65,7 +65,7 @@ predicate isBadRegexpFilter(HtmlMatchingRegExp regexp, string msg) {
regexp.matches("<!-- foo --!>") and
exists(int a, int b | a != b |
regexp.fillsCaptureGroup("<!-- foo -->", a) and
// <!-- foo --> might be ambigously parsed (matching both capture groups), and that is ok here.
// <!-- foo --> might be ambiguously parsed (matching both capture groups), and that is ok here.
regexp.fillsCaptureGroup("<!-- foo --!>", b) and
not regexp.fillsCaptureGroup("<!-- foo --!>", a) and
msg =
Expand Up @@ -202,7 +202,7 @@ private predicate isFork(State q, InputSymbol s1, InputSymbol s2, State r1, Stat
//
// We additionally require that the there exists another InfiniteRepetitionQuantifier `mid` on the path from `q` to itself.
// This is done to avoid flagging regular expressions such as `/(a?)*b/` - that only has polynomial runtime, and is detected by `js/polynomial-redos`.
// The below code is therefore a heuritic, that only flags regular expressions such as `/(a*)*b/`,
// The below code is therefore a heuristic, that only flags regular expressions such as `/(a*)*b/`,
// and does not flag regular expressions such as `/(a?b?)c/`, but the latter pattern is not used frequently.
r1 = r2 and
q1 = q2 and
@@ -1,5 +1,5 @@
/**
* Provides precicates for reasoning about which strings are matched by a regular expression,
* Provides predicates for reasoning about which strings are matched by a regular expression,
* and for testing which capture groups are filled when a particular regexp matches a string.
*/

Expand Up @@ -76,7 +76,7 @@ class StateTuple extends TStateTuple {
StateTuple() { this = MkStateTuple(q1, q2, q3) }

/**
* Gest a string repesentation of this tuple.
* Gest a string representation of this tuple.
*/
string toString() { result = "(" + q1 + ", " + q2 + ", " + q3 + ")" }

2 changes: 1 addition & 1 deletion ruby/extractor/src/extractor.rs
Expand Up @@ -216,7 +216,7 @@ struct Visitor<'a> {
schema: &'a NodeTypeMap,
/// A stack for gathering information from child nodes. Whenever a node is
/// entered the parent's [Label], child counter, and an empty list is pushed.
/// All children append their data to the the list. When the visitor leaves a
/// All children append their data to the list. When the visitor leaves a
/// node the list containing the child data is popped from the stack and
/// matched against the dbscheme for the node. If the expectations are met
/// the corresponding row definitions are added to the trap_output.
2 changes: 1 addition & 1 deletion ruby/node-types/src/lib.rs
Expand Up @@ -43,7 +43,7 @@ pub enum FieldTypeInfo {
},

/// The field can be one of several tokens, so the db type will be an `int`
/// with a `case @foo.kind` for each possiblity.
/// with a `case @foo.kind` for each possibility.
ReservedWordInt(BTreeMap<String, (usize, String)>),
}

2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/ApiGraphs.qll
Expand Up @@ -898,7 +898,7 @@ module API {
/** Gets the `subclass` edge label. */
LabelSubclass subclass() { any() }

/** Gets the label representing the given keword argument/parameter. */
/** Gets the label representing the given keyword argument/parameter. */
LabelKeywordParameter keywordParameter(string name) { result.getName() = name }

/** Gets the label representing the `n`th positional argument/parameter. */
2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/ast/Call.qll
Expand Up @@ -106,7 +106,7 @@ class MethodCall extends Call instanceof MethodCallImpl {
final Block getBlock() { result = super.getBlockImpl() }

/**
* Holds if the safe nagivation operator (`&.`) is used in this call.
* Holds if the safe navigation operator (`&.`) is used in this call.
* ```rb
* foo&.empty?
* ```
2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/ast/Constant.qll
Expand Up @@ -65,7 +65,7 @@ class ConstantValue extends TConstantValue {
/** Holds if this is the string value `s`. */
predicate isString(string s) { s = this.getString() }

/** Gets the symbol value (exluding the `:` prefix), if this is a symbol. */
/** Gets the symbol value (excluding the `:` prefix), if this is a symbol. */
string getSymbol() { this = TSymbol(result) }

/** Holds if this is the symbol value `:s`. */
2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/ast/internal/Module.qll
Expand Up @@ -394,7 +394,7 @@ private module ResolveImpl {

/**
* The qualified names of the ancestors of a class/module. The ancestors should be an ordered list
* of the ancestores of `prepend`ed modules, the module itself , the ancestors or `include`d modules
* of the ancestors of `prepend`ed modules, the module itself , the ancestors or `include`d modules
* and the ancestors of the super class. The priority value only distinguishes the kind of ancestor,
* it does not order the ancestors within a group of the same kind. This is an over-approximation, however,
* computing the precise order is tricky because it depends on the evaluation/file loading order.
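Review bot: After the spelling fix, the corrected line still reads `the module itself , the ancestors or ``include``d modules` — the space before the comma looks stray, and `or` presumably should be `of`, since the sentence is enumerating whose ancestors make up the list (those of the `prepend`ed modules, the module itself, those of the `include`d modules, and those of the superclass). Suggest `of the ancestors of ``prepend``ed modules, the module itself, the ancestors of ``include``d modules`. The doc comment and the predicate it documents continue past the hunk, so the rest of the text is not visible here.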
Expand Up @@ -885,7 +885,7 @@ module TestOutput {
/**
* Gets a string used to resolve ties in node and edge ordering.
*/
string getOrderDisambuigation() { result = "" }
string getOrderDisambiguation() { result = "" }
}

query predicate nodes(RelevantNode n, string attr, string val) {
Expand All @@ -900,7 +900,7 @@ module TestOutput {
order by
l.getFile().getBaseName(), l.getFile().getAbsolutePath(), l.getStartLine(),
l.getStartColumn(), l.getEndLine(), l.getEndColumn(), p.toString(),
p.getOrderDisambuigation()
p.getOrderDisambiguation()
)
).toString()
}
Expand All @@ -923,7 +923,7 @@ module TestOutput {
order by
l.getFile().getBaseName(), l.getFile().getAbsolutePath(), l.getStartLine(),
l.getStartColumn(), l.getEndLine(), l.getEndColumn(), t.toString(), s.toString(),
s.getOrderDisambuigation()
s.getOrderDisambiguation()
)
).toString()
}
2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
Expand Up @@ -46,7 +46,7 @@ module SummaryComponent {

/**
* Gets a summary component that represents an element in a collection at a specific
* known index `cv`, or an uknown index.
* known index `cv`, or an unknown index.
*/
SummaryComponent elementKnownOrUnknown(ConstantValue cv) {
result = SC::content(TKnownOrUnknownElementContent(TKnownElementContent(cv)))
2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/dataflow/RemoteFlowSources.qll
@@ -1,5 +1,5 @@
/**
* Provides an extension point for for modeling user-controlled data.
* Provides an extension point for modeling user-controlled data.
* Such data is often used as data-flow sources in security queries.
*/

Expand Up @@ -1165,8 +1165,8 @@ private module PostUpdateNodes {
ExprPostUpdateNode() { this = TExprPostUpdateNode(e) }

override ExprNode getPreUpdateNode() {
// For compund arguments, such as `m(if b then x else y)`, we want the leaf nodes
// `[post] x` and `[post] y` to have two pre-update nodes: (1) the compund argument,
// For compound arguments, such as `m(if b then x else y)`, we want the leaf nodes
// `[post] x` and `[post] y` to have two pre-update nodes: (1) the compound argument,
// `if b then x else y`; and the (2) the underlying expressions; `x` and `y`,
// respectively.
//
4 changes: 2 additions & 2 deletions ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
Expand Up @@ -64,7 +64,7 @@ predicate uninitializedWrite(Cfg::EntryBasicBlock bb, int i, LocalVariable v) {
i = -1
}

/** Holds if `bb` contains a caputured read of variable `v`. */
/** Holds if `bb` contains a captured read of variable `v`. */
pragma[noinline]
private predicate hasCapturedVariableRead(Cfg::BasicBlock bb, LocalVariable v) {
exists(LocalVariableReadAccess read |
Expand All @@ -74,7 +74,7 @@ private predicate hasCapturedVariableRead(Cfg::BasicBlock bb, LocalVariable v) {
)
}

/** Holds if `bb` contains a caputured write to variable `v`. */
/** Holds if `bb` contains a captured write to variable `v`. */
pragma[noinline]
private predicate writesCapturedVariable(Cfg::BasicBlock bb, LocalVariable v) {
exists(LocalVariableWriteAccess write |
4 changes: 2 additions & 2 deletions ruby/ql/lib/codeql/ruby/experimental/Rbi.qll
Expand Up @@ -417,7 +417,7 @@ module Rbi {
override ReturnType getReturnType() { result = ReturnsCall.super.getReturnType() }
}

/** A call to `void` that spcifies that a given method does not return a useful value. */
/** A call to `void` that specifies that a given method does not return a useful value. */
class MethodVoidCall extends MethodReturnsTypeCall instanceof VoidCall {
override ReturnType getReturnType() { result = VoidCall.super.getReturnType() }
}
Expand Down Expand Up @@ -448,7 +448,7 @@ module Rbi {
}

/**
* A call to `void` that spcifies that a given proc or block does not return
* A call to `void` that specifies that a given proc or block does not return
* a useful value.
*/
class ProcVoidCall extends ProcReturnsTypeCall instanceof VoidCall {
2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/filters/GeneratedCode.qll
Expand Up @@ -6,7 +6,7 @@ private import codeql.ruby.ast.internal.TreeSitter
/** A source file that contains generated code. */
abstract class GeneratedCodeFile extends RubyFile { }

/** A file contining comments suggesting it contains generated code. */
/** A file continuing comments suggesting it contains generated code. */
class GeneratedCommentFile extends GeneratedCodeFile {
GeneratedCommentFile() { this = any(GeneratedCodeComment c).getLocation().getFile() }
}
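Review bot: The replacement word on the GeneratedCommentFile doc line is wrong: `contining` was evidently meant to be `containing`, not `continuing`, so the new comment `A file continuing comments suggesting it contains generated code.` no longer describes the class, whose characteristic predicate selects a file by the location of a GeneratedCodeComment. It should read `/** A file containing comments suggesting it contains generated code. */`.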
6 changes: 3 additions & 3 deletions ruby/ql/lib/codeql/ruby/frameworks/GraphQL.qll
Expand Up @@ -120,7 +120,7 @@ class GraphqlSchemaObjectClass extends ClassDeclaration {
* `GraphQL::Schema::RelayClassicMutation` or
* `GraphQL::Schema::Resolver`.
*
* Both of these classes have an overrideable `resolve` instance
* Both of these classes have an overridable `resolve` instance
* method which can receive user input in order to resolve a query or mutation.
*/
private class GraphqlResolvableClass extends ClassDeclaration {
Expand All @@ -144,7 +144,7 @@ private class GraphqlResolvableClass extends ClassDeclaration {
*
* ```rb
* module Mutation
* class NameAnInstrument < BaseMutationn
* class NameAnInstrument < BaseMutation
* argument :instrument_uuid, Types::Uuid,
* required: true,
* loads: ::Instrument,
Expand Down Expand Up @@ -188,7 +188,7 @@ class GraphqlResolveMethod extends Method, Http::Server::RequestHandler::Range {
*
* ```rb
* module Mutation
* class NameAnInstrument < BaseMutationn
* class NameAnInstrument < BaseMutation
* argument :instrument_uuid, Types::Uuid,
* required: true,
* loads: ::Instrument,
2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/frameworks/core/IO.qll
Expand Up @@ -95,7 +95,7 @@ module IO {
* popen([env,] cmd, mode="r" [, opt]) -> io
* popen([env,] cmd, mode="r" [, opt]) {|io| block } -> obj
* ```
* `IO.popen` does different things based on the the value of `cmd`:
* `IO.popen` does different things based on the value of `cmd`:
* ```
* "-" : fork
* commandline : command line string which is passed to a shell
Expand Up @@ -25,7 +25,7 @@ class HttpClientRequest extends Http::Client::Request::Range, DataFlow::CallNode
[
// One-off requests
API::getTopLevelMember("HTTPClient"),
// Conncection re-use
// Connection re-use
API::getTopLevelMember("HTTPClient").getInstance()
] and
requestNode = connectionNode.getReturn(method) and
2 changes: 1 addition & 1 deletion ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
Expand Up @@ -241,7 +241,7 @@ abstract class RegExp extends Ast::StringlikeLiteral {

/**
* Helper predicate for `escapingChar`.
* In order to avoid negative recusrion, we return a boolean.
* In order to avoid negative recursion, we return a boolean.
* This way, we can refer to `escaping(pos - 1).booleanNot()`
* rather than to a negated version of `escaping(pos)`.
*/
4 changes: 2 additions & 2 deletions ruby/ql/lib/codeql/ruby/security/BadTagFilterQuery.qll
@@ -1,5 +1,5 @@
/**
* Provides precicates for reasoning about bad tag filter vulnerabilities.
* Provides predicates for reasoning about bad tag filter vulnerabilities.
*/

import regexp.RegexpMatching
Expand Down Expand Up @@ -65,7 +65,7 @@ predicate isBadRegexpFilter(HtmlMatchingRegExp regexp, string msg) {
regexp.matches("<!-- foo --!>") and
exists(int a, int b | a != b |
regexp.fillsCaptureGroup("<!-- foo -->", a) and
// <!-- foo --> might be ambigously parsed (matching both capture groups), and that is ok here.
// <!-- foo --> might be ambiguously parsed (matching both capture groups), and that is ok here.
regexp.fillsCaptureGroup("<!-- foo --!>", b) and
not regexp.fillsCaptureGroup("<!-- foo --!>", a) and
msg =
Expand Up @@ -202,7 +202,7 @@ private predicate isFork(State q, InputSymbol s1, InputSymbol s2, State r1, Stat
//
// We additionally require that the there exists another InfiniteRepetitionQuantifier `mid` on the path from `q` to itself.
// This is done to avoid flagging regular expressions such as `/(a?)*b/` - that only has polynomial runtime, and is detected by `js/polynomial-redos`.
// The below code is therefore a heuritic, that only flags regular expressions such as `/(a*)*b/`,
// The below code is therefore a heuristic, that only flags regular expressions such as `/(a*)*b/`,
// and does not flag regular expressions such as `/(a?b?)c/`, but the latter pattern is not used frequently.
r1 = r2 and
q1 = q2 and
@@ -1,5 +1,5 @@
/**
* Provides precicates for reasoning about which strings are matched by a regular expression,
* Provides predicates for reasoning about which strings are matched by a regular expression,
* and for testing which capture groups are filled when a particular regexp matches a string.
*/

Expand Up @@ -76,7 +76,7 @@ class StateTuple extends TStateTuple {
StateTuple() { this = MkStateTuple(q1, q2, q3) }

/**
* Gest a string repesentation of this tuple.
* Gest a string representation of this tuple.
*/
string toString() { result = "(" + q1 + ", " + q2 + ", " + q3 + ")" }

2 changes: 1 addition & 1 deletion ruby/ql/src/CHANGELOG.md
Expand Up @@ -23,7 +23,7 @@

### New Queries

* Added a new query, `rb/log-inection`, to detect cases where a malicious user may be able to forge log entries.
* Added a new query, `rb/log-injection`, to detect cases where a malicious user may be able to forge log entries.
* Added a new query, `rb/incomplete-multi-character-sanitization`. The query
finds string transformations that do not replace all occurrences of a
multi-character substring.
2 changes: 1 addition & 1 deletion ruby/ql/src/change-notes/released/0.3.3.md
Expand Up @@ -2,7 +2,7 @@

### New Queries

* Added a new query, `rb/log-inection`, to detect cases where a malicious user may be able to forge log entries.
* Added a new query, `rb/log-injection`, to detect cases where a malicious user may be able to forge log entries.
* Added a new query, `rb/incomplete-multi-character-sanitization`. The query
finds string transformations that do not replace all occurrences of a
multi-character substring.