
Commit 82e56d4

committed
Data flow: Simplify pathStep and pathIntoCallable
1 parent 94f110f commit 82e56d4

1 file changed

Lines changed: 42 additions & 84 deletions


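--- a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
+++ b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
@@ -2215,9 +2215,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons {
 result = head + ", " + tail.(AccessPathCons).toStringImpl()
 }
 
-override string toString() {
-result = "[" + this.toStringImpl()
-}
+override string toString() { result = "[" + this.toStringImpl() }
 }
 
 /**
@@ -2399,64 +2397,43 @@ private class PathNodeSink extends PathNodeImpl, TPathNodeSink {
 * a callable is recorded by `cc`.
 */
 private predicate pathStep(PathNodeMid mid, Node node, CallContext cc, SummaryCtx sc, AccessPath ap) {
-pathStepSameAp(mid, node, cc, sc) and
-ap = mid.getAp()
-or
-exists(DataFlowType t |
-pathStepEmptyAp(mid, node, cc, sc, t) and
-ap = TAccessPathNil(t)
-)
-or
-exists(TypedContent tc | pathStoreStep(mid, node, ap.pop(tc), tc, cc)) and
-sc = mid.getSummaryCtx()
-or
-exists(TypedContent tc | pathReadStep(mid, node, ap.push(tc), tc, cc)) and
-sc = mid.getSummaryCtx()
-or
-pathThroughCallable(mid, node, cc, ap) and
-sc = mid.getSummaryCtx()
-}
-
-pragma[noinline]
-private predicate pathStepEmptyAp(
-PathNodeMid mid, Node node, CallContext cc, SummaryCtx sc, DataFlowType t
-) {
-exists(Node midnode, Configuration conf, LocalCallContext localCC, AccessPathFront apf |
+exists(AccessPath ap0, Node midnode, Configuration conf, LocalCallContext localCC |
 midnode = mid.getNode() and
 conf = mid.getConfiguration() and
 cc = mid.getCallContext() and
 sc = mid.getSummaryCtx() and
 localCC = getLocalCallContext(cc, midnode.getEnclosingCallable()) and
-mid.getAp() = TAccessPathNil(_) and
-localFlowBigStep(midnode, node, false, apf, conf, localCC) and
-apf.getType() = t
+ap0 = mid.getAp()
+|
+localFlowBigStep(midnode, node, true, _, conf, localCC) and
+ap = ap0
+or
+localFlowBigStep(midnode, node, false, ap.getFront(), conf, localCC) and
+ap0 instanceof AccessPathNil
 )
 or
-additionalJumpStep(mid.getNode(), node, mid.getConfiguration()) and
+jumpStep(mid.getNode(), node, mid.getConfiguration()) and
 cc instanceof CallContextAny and
 sc instanceof SummaryCtxNone and
-mid.getAp() = TAccessPathNil(_) and
-t = getNodeType(node)
-}
-
-pragma[noinline]
-private predicate pathStepSameAp(PathNodeMid mid, Node node, CallContext cc, SummaryCtx sc) {
-exists(Node midnode, Configuration conf, LocalCallContext localCC |
-midnode = mid.getNode() and
-conf = mid.getConfiguration() and
-cc = mid.getCallContext() and
-sc = mid.getSummaryCtx() and
-localCC = getLocalCallContext(cc, midnode.getEnclosingCallable()) and
-localFlowBigStep(midnode, node, true, _, conf, localCC)
-)
+ap = mid.getAp()
 or
-jumpStep(mid.getNode(), node, mid.getConfiguration()) and
+additionalJumpStep(mid.getNode(), node, mid.getConfiguration()) and
 cc instanceof CallContextAny and
-sc instanceof SummaryCtxNone
+sc instanceof SummaryCtxNone and
+mid.getAp() instanceof AccessPathNil and
+ap = TAccessPathNil(getNodeType(node))
 or
-pathIntoCallable(mid, node, _, cc, sc, _)
+exists(TypedContent tc | pathStoreStep(mid, node, ap.pop(tc), tc, cc)) and
+sc = mid.getSummaryCtx()
 or
-pathOutOfCallable(mid, node, cc) and sc instanceof SummaryCtxNone
+exists(TypedContent tc | pathReadStep(mid, node, ap.push(tc), tc, cc)) and
+sc = mid.getSummaryCtx()
+or
+pathIntoCallable(mid, node, _, cc, sc, _) and ap = mid.getAp()
+or
+pathOutOfCallable(mid, node, cc) and ap = mid.getAp() and sc instanceof SummaryCtxNone
+or
+pathThroughCallable(mid, node, cc, ap) and sc = mid.getSummaryCtx()
 }
 
 pragma[nomagic]
@@ -2564,35 +2541,12 @@ private predicate parameterCand(
 pragma[nomagic]
 private predicate pathIntoCallable0(
 PathNodeMid mid, DataFlowCallable callable, int i, CallContext outercc, DataFlowCall call,
-AccessPath ap, AccessPathApprox apa
-) {
-pathIntoArg(mid, i, outercc, call, ap, apa) and
-callable = resolveCall(call, outercc) and
-parameterCand(callable, any(int j | j <= i and j >= i), apa, mid.getConfiguration())
-}
-
-pragma[nomagic]
-private predicate pathIntoCallable1(
-PathNodeMid mid, ParameterNode p, AccessPath ap, AccessPathApprox apa, CallContext outercc,
-CallContextCall innercc, DataFlowCall call
-) {
-exists(int i, DataFlowCallable callable |
-pathIntoCallable0(mid, callable, i, outercc, call, ap, apa) and
-p.isParameterOf(callable, i) and
-if recordDataFlowCallSite(call, callable)
-then innercc = TSpecificCall(call)
-else innercc = TSomeCall()
-)
-}
-
-pragma[nomagic]
-private predicate pathIntoCallable1MayFlowThrough(
-PathNodeMid mid, ParameterNode p, AccessPath ap, CallContext outercc, CallContextCall innercc,
-DataFlowCall call
+AccessPath ap
 ) {
 exists(AccessPathApprox apa |
-pathIntoCallable1(mid, p, ap, apa, outercc, innercc, call) and
-parameterMayFlowThrough(p, apa)
+pathIntoArg(mid, i, outercc, call, ap, apa) and
+callable = resolveCall(call, outercc) and
+parameterCand(callable, any(int j | j <= i and j >= i), apa, mid.getConfiguration())
 )
 }
 
@@ -2605,15 +2559,19 @@ private predicate pathIntoCallable(
 PathNodeMid mid, ParameterNode p, CallContext outercc, CallContextCall innercc, SummaryCtx sc,
 DataFlowCall call
 ) {
-exists(AccessPath ap |
-pathIntoCallable1MayFlowThrough(mid, p, ap, outercc, innercc, call) and
-sc = TSummaryCtxSome(p, ap)
-)
-or
-exists(AccessPathApprox apa |
-pathIntoCallable1(mid, p, _, apa, outercc, innercc, call) and
-not parameterMayFlowThrough(p, apa) and
-sc = TSummaryCtxNone()
+exists(int i, DataFlowCallable callable, AccessPath ap |
+pathIntoCallable0(mid, callable, i, outercc, call, ap) and
+p.isParameterOf(callable, i) and
+(
+sc = TSummaryCtxSome(p, ap)
+or
+not exists(TSummaryCtxSome(p, ap)) and
+sc = TSummaryCtxNone()
+)
+|
+if recordDataFlowCallSite(call, callable)
+then innercc = TSpecificCall(call)
+else innercc = TSomeCall()
 )
 }
 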
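Review bot: In `pathIntoCallable` (last hunk), the choice between `TSummaryCtxSome(p, ap)` and `TSummaryCtxNone()` now rests on `not exists(TSummaryCtxSome(p, ap))`, so it depends on the characteristic predicate of that newtype branch, which is not part of this diff. The removed code stated the condition explicitly with `parameterMayFlowThrough(p, apa)`; the two presumably agree only if the branch is defined by that same check, which is worth confirming. If the definitions ever drift apart, the summary context changes with no edit to this predicate, and for a taint-tracking library that would likely surface as missing or spurious flow-through paths in query results. I would add a comment above the disjunction, for example `// TSummaryCtxSome(p, ap) is only defined when flow through p with ap is possible; otherwise no summary context is recorded`, once the author has confirmed that this is the invariant.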