{ "description": "Unsafe constantize on a user-controlled class name: an attacker can resolve, and then instantiate, an arbitrary class", "tags": [ "taint", "reflect", "constantize", "sinatra", "ruby" ], "modes": [ "full", "ast" ], "expected": [ { "rule_id": "rb.reflection.constantize", "severity": null, "must_match": true, "line_range": [ 3, 7 ], "evidence_contains": [], "notes": "constantize resolves an attacker-chosen name to any loaded (and, under ActiveSupport, potentially autoloadable) constant; the subsequent .new / method call on the result is what makes this exploitable. The fix is to resolve only names from an explicit allow-list of permitted classes, not to sanitise or deny-list the string." }, { "rule_id": "taint-unsanitised-flow", "severity": null, "must_match": true, "line_range": [ 2, 8 ], "modes": ["full"], "evidence_contains": [], "notes": "unsanitised params[:type] flows into constantize without an allow-list check (full mode only; AST mode does not run taint analysis, so this finding is not expected there)" } ] }