C++: Fix enclosing functions for static locals.

MathiasVP · MathiasVP · commit 648c08bcd9df · 2023-04-25T17:51:04.000+01:00
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
@@ -180,7 +180,7 @@ abstract class TranslatedSideEffects extends TranslatedElement {
   /** DEPRECATED: Alias for getAst */
   deprecated override Locatable getAST() { result = getAst() }
 
-  final override Declaration getFunction() { result = getExpr().getEnclosingDeclaration() }
+  final override Declaration getFunction() { result = getEnclosingDeclaration(getExpr()) }
 
   final override TranslatedElement getChild(int i) {
     result =
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll
@@ -28,7 +28,7 @@ abstract class TranslatedCondition extends TranslatedElement {
 
   final Expr getExpr() { result = expr }
 
-  final override Function getFunction() { result = expr.getEnclosingFunction() }
+  final override Function getFunction() { result = getEnclosingFunction(expr) }
 
   final Type getResultType() { result = expr.getUnspecifiedType() }
 }
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll
@@ -28,9 +28,14 @@ abstract class TranslatedDeclarationEntry extends TranslatedElement, TTranslated
 
   TranslatedDeclarationEntry() { this = TTranslatedDeclarationEntry(entry) }
 
-  final override Function getFunction() {
-    exists(DeclStmt stmt |
-      stmt = entry.getStmt() and
+  final override Declaration getFunction() {
+    exists(DeclStmt stmt | stmt = entry.getStmt() |
+      result = entry.getDeclaration().(StaticInitializedStaticLocalVariable)
+      or
+      result = entry.getDeclaration().(GlobalOrNamespaceVariable)
+      or
+      not entry.getDeclaration() instanceof StaticInitializedStaticLocalVariable and
+      not entry.getDeclaration() instanceof GlobalOrNamespaceVariable and
       result = stmt.getEnclosingFunction()
     )
   }
@@ -237,7 +242,7 @@ class TranslatedStaticLocalVariableInitialization extends TranslatedElement,
 
   final override LocalVariable getVariable() { result = var }
 
-  final override Function getFunction() { result = var.getFunction() }
+  final override Declaration getFunction() { result = var.getFunction() }
 }
 
 TranslatedConditionDecl getTranslatedConditionDecl(ConditionDeclExpr expr) {
@@ -264,7 +269,7 @@ class TranslatedConditionDecl extends TranslatedLocalVariableDeclaration, TTrans
   /** DEPRECATED: Alias for getAst */
   deprecated override Locatable getAST() { result = getAst() }
 
-  override Function getFunction() { result = conditionDeclExpr.getEnclosingFunction() }
+  override Declaration getFunction() { result = getEnclosingFunction(conditionDeclExpr) }
 
   override LocalVariable getVariable() { result = conditionDeclExpr.getVariable() }
 }
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
@@ -109,8 +109,8 @@ private predicate ignoreExprOnly(Expr expr) {
   // should not be translated.
   exists(NewOrNewArrayExpr new | expr = new.getAllocatorCall().getArgument(0))
   or
-  not translateFunction(expr.getEnclosingFunction()) and
-  not Raw::varHasIRFunc(expr.getEnclosingVariable())
+  not translateFunction(getEnclosingFunction(expr)) and
+  not Raw::varHasIRFunc(getEnclosingVariable(expr))
   or
   // We do not yet translate destructors properly, so for now we ignore the
   // destructor call. We do, however, translate the expression being
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
@@ -79,7 +79,7 @@ abstract class TranslatedExpr extends TranslatedElement {
   /** DEPRECATED: Alias for getAst */
   deprecated override Locatable getAST() { result = this.getAst() }
 
-  final override Declaration getFunction() { result = expr.getEnclosingDeclaration() }
+  final override Declaration getFunction() { result = getEnclosingDeclaration(expr) }
 
   /**
    * Gets the expression from which this `TranslatedExpr` is generated.
@@ -90,12 +90,57 @@ abstract class TranslatedExpr extends TranslatedElement {
    * Gets the `TranslatedFunction` containing this expression.
    */
   final TranslatedRootElement getEnclosingFunction() {
-    result = getTranslatedFunction(expr.getEnclosingFunction())
+    result = getTranslatedFunction(getEnclosingFunction(expr))
     or
-    result = getTranslatedVarInit(expr.getEnclosingVariable())
+    result = getTranslatedVarInit(getEnclosingVariable(expr))
   }
 }
 
+Function getEnclosingFunction(Expr e) {
+  not exists(getEnclosingVariable(e)) and
+  result = e.getEnclosingFunction()
+}
+
+Declaration getEnclosingDeclaration0(Expr e) {
+  result = getEnclosingDeclaration0(e.getParentWithConversions())
+  or
+  exists(Initializer i, Variable v |
+    i.getExpr().getFullyConverted() = e and
+    v = i.getDeclaration()
+  |
+    if v instanceof StaticInitializedStaticLocalVariable or v instanceof GlobalOrNamespaceVariable
+    then result = v
+    else result = e.getEnclosingDeclaration()
+  )
+}
+
+Declaration getEnclosingDeclaration(Expr e) {
+  result = getEnclosingDeclaration0(e)
+  or
+  not exists(getEnclosingDeclaration0(e)) and
+  result = e.getEnclosingDeclaration()
+}
+
+Variable getEnclosingVariable0(Expr e) {
+  result = getEnclosingVariable0(e.getParentWithConversions())
+  or
+  exists(Initializer i, Variable v |
+    i.getExpr().getFullyConverted() = e and
+    v = i.getDeclaration()
+  |
+    if v instanceof StaticInitializedStaticLocalVariable or v instanceof GlobalOrNamespaceVariable
+    then result = v
+    else result = e.getEnclosingVariable()
+  )
+}
+
+Variable getEnclosingVariable(Expr e) {
+  result = getEnclosingVariable0(e)
+  or
+  not exists(getEnclosingVariable0(e)) and
+  result = e.getEnclosingVariable()
+}
+
 /**
  * The IR translation of the "core"  part of an expression. This is the part of
  * the expression that produces the result value of the expression, before any
@@ -843,7 +888,7 @@ class TranslatedNonFieldVariableAccess extends TranslatedVariableAccess {
 
   override IRVariable getInstructionVariable(InstructionTag tag) {
     tag = OnlyInstructionTag() and
-    result = getIRUserVariable(expr.getEnclosingDeclaration(), expr.getTarget())
+    result = getIRUserVariable(getEnclosingDeclaration(expr), expr.getTarget())
   }
 }
 
@@ -2000,7 +2045,7 @@ class TranslatedDestructorFieldDestruction extends TranslatedNonConstantExpr, St
   final override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) {
     tag = OnlyInstructionTag() and
     operandTag instanceof UnaryOperandTag and
-    result = getTranslatedFunction(expr.getEnclosingFunction()).getInitializeThisInstruction()
+    result = getTranslatedFunction(getEnclosingFunction(expr)).getInitializeThisInstruction()
   }
 
   final override Field getInstructionField(InstructionTag tag) {
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
@@ -328,7 +328,7 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction {
       ) and
       exists(VariableAccess access |
         access.getTarget() = var and
-        access.getEnclosingFunction() = func
+        getEnclosingFunction(access) = func
       )
       or
       var.(LocalScopeVariable).getFunction() = func
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll
@@ -1,4 +1,5 @@
 import semmle.code.cpp.ir.implementation.raw.internal.TranslatedElement
+private import TranslatedExpr
 private import cpp
 private import semmle.code.cpp.ir.implementation.IRType
 private import semmle.code.cpp.ir.implementation.Opcode
@@ -117,7 +118,7 @@ class TranslatedStaticStorageDurationVarInit extends TranslatedRootElement,
       ) and
       exists(VariableAccess access |
         access.getTarget() = varUsed and
-        access.getEnclosingVariable() = var
+        getEnclosingVariable(access) = var
       )
       or
       var = varUsed
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll
@@ -138,9 +138,9 @@ abstract class TranslatedInitialization extends TranslatedElement, TTranslatedIn
   final override string toString() { result = "init: " + expr.toString() }
 
   final override Declaration getFunction() {
-    result = expr.getEnclosingFunction() or
-    result = expr.getEnclosingVariable().(GlobalOrNamespaceVariable) or
-    result = expr.getEnclosingVariable().(StaticInitializedStaticLocalVariable)
+    result = getEnclosingFunction(expr) or
+    result = getEnclosingVariable(expr).(GlobalOrNamespaceVariable) or
+    result = getEnclosingVariable(expr).(StaticInitializedStaticLocalVariable)
   }
 
   final override Locatable getAst() { result = expr }
@@ -160,7 +160,7 @@ abstract class TranslatedInitialization extends TranslatedElement, TTranslatedIn
   final InitializationContext getContext() { result = getParent() }
 
   final TranslatedFunction getEnclosingFunction() {
-    result = getTranslatedFunction(expr.getEnclosingFunction())
+    result = getTranslatedFunction(this.getFunction())
   }
 }
 
@@ -494,8 +494,9 @@ abstract class TranslatedFieldInitialization extends TranslatedElement {
   deprecated override Locatable getAST() { result = getAst() }
 
   final override Declaration getFunction() {
-    result = ast.getEnclosingFunction() or
-    result = ast.getEnclosingVariable().(GlobalOrNamespaceVariable)
+    result = getEnclosingFunction(ast) or
+    result = getEnclosingVariable(ast).(GlobalOrNamespaceVariable) or
+    result = getEnclosingVariable(ast).(StaticInitializedStaticLocalVariable)
   }
 
   final override Instruction getFirstInstruction() { result = getInstruction(getFieldAddressTag()) }
@@ -652,11 +653,11 @@ abstract class TranslatedElementInitialization extends TranslatedElement {
   deprecated override Locatable getAST() { result = getAst() }
 
   final override Declaration getFunction() {
-    result = initList.getEnclosingFunction()
+    result = getEnclosingFunction(initList)
     or
-    result = initList.getEnclosingVariable().(GlobalOrNamespaceVariable)
+    result = getEnclosingVariable(initList).(GlobalOrNamespaceVariable)
     or
-    result = initList.getEnclosingVariable().(StaticInitializedStaticLocalVariable)
+    result = getEnclosingVariable(initList).(StaticInitializedStaticLocalVariable)
   }
 
   final override Instruction getFirstInstruction() { result = getInstruction(getElementIndexTag()) }
@@ -855,7 +856,7 @@ abstract class TranslatedStructorCallFromStructor extends TranslatedElement, Str
     result = getStructorCall()
   }
 
-  final override Function getFunction() { result = call.getEnclosingFunction() }
+  final override Function getFunction() { result = getEnclosingFunction(call) }
 
   final override Instruction getChildSuccessor(TranslatedElement child) {
     child = getStructorCall() and

Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ abstract class TranslatedCondition extends TranslatedElement {`
`28`	`28`
`29`	`29`	`final Expr getExpr() { result = expr }`
`30`	`30`
`31`		`- final override Function getFunction() { result = expr.getEnclosingFunction() }`
	`31`	`+ final override Function getFunction() { result = getEnclosingFunction(expr) }`
`32`	`32`
`33`	`33`	`final Type getResultType() { result = expr.getUnspecifiedType() }`
`34`	`34`	`}`
Original file line number	Diff line number	Diff line change
`@@ -328,7 +328,7 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction {`
`328`	`328`	`) and`
`329`	`329`	`exists(VariableAccess access \|`
`330`	`330`	`access.getTarget() = var and`
`331`		`- access.getEnclosingFunction() = func`
	`331`	`+ getEnclosingFunction(access) = func`
`332`	`332`	`)`
`333`	`333`	`or`
`334`	`334`	`var.(LocalScopeVariable).getFunction() = func`