Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 9f85175

Browse files
MathiasVPMathiasVP
committed
C++: Fix blowup in 'stripPointer'.
1 parent 5ae3228 commit 9f85175

1 file changed

Lines changed: 8 additions & 5 deletions

File tree

cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -134,6 +134,8 @@ class AllocationInstruction extends CallInstruction {
134134
* purposes of dataflow.
135135
*/
136136
abstract class Indirection extends Type {
137+
Type baseType;
138+
137139
/** Gets the type of this indirection. */
138140
final Type getType() { result = super.getUnspecifiedType() }
139141

@@ -159,11 +161,12 @@ abstract class Indirection extends Type {
159161
predicate isAdditionalWrite(Node0Impl value, Operand address, boolean certain) { none() }
160162

161163
/**
162-
* Gets the base type of this indirection.
164+
* Gets the base type of this indirection, after specifiers have been deeply
165+
* stripped and typedefs have been resolved.
163166
*
164167
* For example, the base type of `int*&` is `int*`, and the base type of `int*` is `int`.
165168
*/
166-
abstract Type getBaseType();
169+
final Type getBaseType() { result = baseType.getUnspecifiedType() }
167170

168171
/** Holds if there should be an additional taint step from `node1` to `node2`. */
169172
predicate isAdditionalTaintStep(Node node1, Node node2) { none() }
@@ -181,14 +184,14 @@ abstract class Indirection extends Type {
181184
predicate ignoreSourceVariableBase(BaseSourceVariableInstruction base, Node0Impl value) { none() }
182185
}
183186

184-
private class PointerOrReferenceTypeIndirection extends Indirection, PointerOrReferenceType {
187+
private class PointerOrReferenceTypeIndirection extends Indirection instanceof PointerOrReferenceType {
188+
PointerOrReferenceTypeIndirection() { baseType = PointerOrReferenceType.super.getBaseType() }
189+
185190
override int getNumberOfIndirections() { result = 1 + countIndirections(this.getBaseType()) }
186191

187192
override predicate isAdditionalDereference(Instruction deref, Operand address) { none() }
188193

189194
override predicate isAdditionalWrite(Node0Impl value, Operand address, boolean certain) { none() }
190-
191-
override Type getBaseType() { result = PointerOrReferenceType.super.getBaseType() }
192195
}
193196

194197
predicate isDereference(Instruction deref, Operand address) {

0 commit comments

Comments
 (0)