C++: Add FlowSummaryNode and test it.

geoffw0 · geoffw0 · commit 6e13b877bbe4 · 2024-02-16T18:06:57.000Z
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
@@ -57,7 +57,8 @@ private newtype TIRDataFlowNode =
     hasFinalParameterNode(_, p, indirectionIndex)
   } or
   TFinalGlobalValue(Ssa::GlobalUse globalUse) or
-  TInitialGlobalValue(Ssa::GlobalDef globalUse)
+  TInitialGlobalValue(Ssa::GlobalDef globalUse) or
+  TFlowSummaryNode(FlowSummaryImpl::Private::SummaryNode sn)
 
 /**
  * Holds if `(p, indirectionIndex)` should define a `TFinalParameterNode`
@@ -760,6 +761,31 @@ class InitialGlobalValue extends Node, TInitialGlobalValue {
   override string toStringImpl() { result = globalDef.toString() }
 }
 
+/**
+ * A data-flow node used to model flow summaries.
+ */
+class FlowSummaryNode extends Node, TFlowSummaryNode {
+  FlowSummaryImpl::Private::SummaryNode getSummaryNode() { this = TFlowSummaryNode(result) }
+
+  /**
+   * TODO: QLDoc.
+   */
+  FlowSummaryImpl::Public::SummarizedCallable getSummarizedCallable() {
+    result = this.getSummaryNode().getSummarizedCallable()
+  }
+
+  /**
+   * TODO: QLDoc.
+   */
+  override DataFlowCallable getEnclosingCallable() {
+    none() //result.asSummarizedCallable() = this.getSummarizedCallable() TODO
+  }
+
+  override Location getLocationImpl() { result = this.getSummarizedCallable().getLocation() }
+
+  override string toStringImpl() { result = this.getSummaryNode().toString() }
+}
+
 /**
  * INTERNAL: do not use.
  *
diff --git a/cpp/ql/test/library-tests/dataflow/models-as-data/FlowSummaryNode.expected b/cpp/ql/test/library-tests/dataflow/models-as-data/FlowSummaryNode.expected
@@ -0,0 +1,14 @@
+| tests.cpp:115:5:115:19 | [summary param] 0 in madArg0ToReturn |  | madArg0ToReturn |  |
+| tests.cpp:115:5:115:19 | [summary] to write: ReturnValue in madArg0ToReturn |  | madArg0ToReturn |  |
+| tests.cpp:117:5:117:28 | [summary param] 0 in madArg0ToReturnValueFlow |  | madArg0ToReturnValueFlow |  |
+| tests.cpp:117:5:117:28 | [summary] to write: ReturnValue in madArg0ToReturnValueFlow |  | madArg0ToReturnValueFlow |  |
+| tests.cpp:119:6:119:18 | [summary param] 0 in madArg0ToArg1 |  | madArg0ToArg1 |  |
+| tests.cpp:119:6:119:18 | [summary param] 1 in madArg0ToArg1 |  | madArg0ToArg1 |  |
+| tests.cpp:119:6:119:18 | [summary] to write: Argument[1] in madArg0ToArg1 |  | madArg0ToArg1 |  |
+| tests.cpp:180:7:180:19 | [summary param] 0 in madArg0ToSelf |  | madArg0ToSelf |  |
+| tests.cpp:180:7:180:19 | [summary param] this in madArg0ToSelf |  | madArg0ToSelf |  |
+| tests.cpp:180:7:180:19 | [summary] to write: Argument[this] in madArg0ToSelf |  | madArg0ToSelf |  |
+| tests.cpp:181:6:181:20 | [summary param] this in madSelfToReturn |  | madSelfToReturn |  |
+| tests.cpp:181:6:181:20 | [summary] to write: ReturnValue in madSelfToReturn |  | madSelfToReturn |  |
+| tests.cpp:209:7:209:30 | [summary param] this in namespaceMadSelfToReturn |  | namespaceMadSelfToReturn |  |
+| tests.cpp:209:7:209:30 | [summary] to write: ReturnValue in namespaceMadSelfToReturn |  | namespaceMadSelfToReturn |  |
diff --git a/cpp/ql/test/library-tests/dataflow/models-as-data/FlowSummaryNode.ql b/cpp/ql/test/library-tests/dataflow/models-as-data/FlowSummaryNode.ql
@@ -0,0 +1,18 @@
+import testModels
+private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate
+private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil
+
+string describe(DataFlow::Node n) {
+  n instanceof ParameterNode and result = "ParameterNode"
+  or
+  n instanceof PostUpdateNode and result = "PostUpdateNode"
+  or
+  n instanceof ArgumentNode and result = "ArgumentNode"
+  or
+  n instanceof ReturnNode and result = "ReturnNode"
+  or
+  n instanceof OutNode and result = "OutNode"
+}
+
+from FlowSummaryNode n
+select n, concat(describe(n), ", "), concat(n.getSummarizedCallable().toString(), ", "), concat(n.getEnclosingCallable().toString(), ", ")
