C++: Simplify the flow-state-less product flow module

jketema · jketema · commit 9b89a303ef14 · 2023-04-06T17:11:32.000+02:00
diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/dataflow/ProductFlow.qll b/cpp/ql/lib/experimental/semmle/code/cpp/dataflow/ProductFlow.qll
@@ -67,134 +67,71 @@ module ProductFlow {
   }
 
   module Make<ConfigSig Config> {
-    class PathNode1 = Flow1::PathNode;
-
-    class PathNode2 = Flow2::PathNode;
+    private module StateConfig implements StateConfigSig {
+      class FlowState1 = DataFlow::FlowState;
 
-    module PathGraph1 = Flow1::PathGraph;
+      class FlowState2 = DataFlow::FlowState;
 
-    module PathGraph2 = Flow2::PathGraph;
-
-    predicate hasFlowPath(PathNode1 source1, PathNode2 source2, PathNode1 sink1, PathNode2 sink2) {
-      reachable(source1, source2, sink1, sink2)
-    }
-
-    private module Config1 implements DataFlow::ConfigSig {
-      predicate isSource(DataFlow::Node source) { Config::isSourcePair(source, _) }
-
-      predicate isSink(DataFlow::Node sink) { Config::isSinkPair(sink, _) }
-
-      predicate isBarrier(DataFlow::Node node) { Config::isBarrier1(node) }
-
-      predicate isBarrierOut(DataFlow::Node node) { Config::isBarrierOut1(node) }
-
-      predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-        Config::isAdditionalFlowStep1(node1, node2)
+      predicate isSourcePair(
+        DataFlow::Node source1, FlowState1 state1, DataFlow::Node source2, FlowState2 state2
+      ) {
+        state1 instanceof DataFlow::FlowStateEmpty and
+        state2 instanceof DataFlow::FlowStateEmpty and
+        Config::isSourcePair(source1, source2)
       }
 
-      predicate isBarrierIn(DataFlow::Node node) { Config::isBarrierIn1(node) }
-    }
-
-    private module Flow1 = DataFlow::Make<Config1>;
-
-    private module Config2 implements DataFlow::ConfigSig {
-      predicate isSource(DataFlow::Node source) {
-        exists(Flow1::PathNode source1 |
-          Config::isSourcePair(source1.getNode(), source) and
-          Flow1::hasFlowPath(source1, _)
-        )
+      predicate isSinkPair(
+        DataFlow::Node sink1, FlowState1 state1, DataFlow::Node sink2, FlowState2 state2
+      ) {
+        state1 instanceof DataFlow::FlowStateEmpty and
+        state2 instanceof DataFlow::FlowStateEmpty and
+        Config::isSinkPair(sink1, sink2)
       }
 
-      predicate isSink(DataFlow::Node sink) {
-        exists(Flow1::PathNode sink1 |
-          Config::isSinkPair(sink1.getNode(), sink) and
-          Flow1::hasFlowPath(_, sink1)
-        )
+      predicate isBarrier1(DataFlow::Node node, FlowState1 state) {
+        state instanceof DataFlow::FlowStateEmpty and
+        Config::isBarrier1(node)
       }
 
-      predicate isBarrier(DataFlow::Node node) { Config::isBarrier2(node) }
+      predicate isBarrier2(DataFlow::Node node, FlowState2 state) {
+        state instanceof DataFlow::FlowStateEmpty and
+        Config::isBarrier2(node)
+      }
 
-      predicate isBarrierOut(DataFlow::Node node) { Config::isBarrierOut2(node) }
+      predicate isBarrier1 = Config::isBarrier1/1;
 
-      predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-        Config::isAdditionalFlowStep2(node1, node2)
-      }
+      predicate isBarrier2 = Config::isBarrier2/1;
 
-      predicate isBarrierIn(DataFlow::Node node) { Config::isBarrierIn2(node) }
-    }
+      predicate isBarrierOut1 = Config::isBarrierOut1/1;
 
-    private module Flow2 = DataFlow::Make<Config2>;
+      predicate isBarrierOut2 = Config::isBarrierOut2/1;
 
-    pragma[nomagic]
-    private predicate reachableInterprocEntry(
-      Flow1::PathNode source1, Flow2::PathNode source2, Flow1::PathNode node1, Flow2::PathNode node2
-    ) {
-      Config::isSourcePair(node1.getNode(), node2.getNode()) and
-      node1 = source1 and
-      node2 = source2
-      or
-      exists(
-        Flow1::PathNode midEntry1, Flow2::PathNode midEntry2, Flow1::PathNode midExit1,
-        Flow2::PathNode midExit2
-      |
-        reachableInterprocEntry(source1, source2, midEntry1, midEntry2) and
-        interprocEdgePair(midExit1, midExit2, node1, node2) and
-        localPathStep1*(midEntry1, midExit1) and
-        localPathStep2*(midEntry2, midExit2)
-      )
-    }
+      predicate isAdditionalFlowStep1 = Config::isAdditionalFlowStep1/2;
 
-    private predicate localPathStep1(Flow1::PathNode pred, Flow1::PathNode succ) {
-      Flow1::PathGraph::edges(pred, succ) and
-      pragma[only_bind_out](pred.getNode().getEnclosingCallable()) =
-        pragma[only_bind_out](succ.getNode().getEnclosingCallable())
-    }
+      predicate isAdditionalFlowStep1(
+        DataFlow::Node node1, FlowState1 state1, DataFlow::Node node2, FlowState1 state2
+      ) {
+        state1 instanceof DataFlow::FlowStateEmpty and
+        state2 instanceof DataFlow::FlowStateEmpty and
+        Config::isAdditionalFlowStep1(node1, node2)
+      }
 
-    private predicate localPathStep2(Flow2::PathNode pred, Flow2::PathNode succ) {
-      Flow2::PathGraph::edges(pred, succ) and
-      pragma[only_bind_out](pred.getNode().getEnclosingCallable()) =
-        pragma[only_bind_out](succ.getNode().getEnclosingCallable())
-    }
+      predicate isAdditionalFlowStep2 = Config::isAdditionalFlowStep2/2;
 
-    pragma[nomagic]
-    private predicate interprocEdge1(
-      Declaration predDecl, Declaration succDecl, Flow1::PathNode pred1, Flow1::PathNode succ1
-    ) {
-      Flow1::PathGraph::edges(pred1, succ1) and
-      predDecl != succDecl and
-      pred1.getNode().getEnclosingCallable() = predDecl and
-      succ1.getNode().getEnclosingCallable() = succDecl
-    }
+      predicate isAdditionalFlowStep2(
+        DataFlow::Node node1, FlowState2 state1, DataFlow::Node node2, FlowState2 state2
+      ) {
+        state1 instanceof DataFlow::FlowStateEmpty and
+        state2 instanceof DataFlow::FlowStateEmpty and
+        Config::isAdditionalFlowStep2(node1, node2)
+      }
 
-    pragma[nomagic]
-    private predicate interprocEdge2(
-      Declaration predDecl, Declaration succDecl, Flow2::PathNode pred2, Flow2::PathNode succ2
-    ) {
-      Flow2::PathGraph::edges(pred2, succ2) and
-      predDecl != succDecl and
-      pred2.getNode().getEnclosingCallable() = predDecl and
-      succ2.getNode().getEnclosingCallable() = succDecl
-    }
+      predicate isBarrierIn1 = Config::isBarrierIn1/1;
 
-    private predicate interprocEdgePair(
-      Flow1::PathNode pred1, Flow2::PathNode pred2, Flow1::PathNode succ1, Flow2::PathNode succ2
-    ) {
-      exists(Declaration predDecl, Declaration succDecl |
-        interprocEdge1(predDecl, succDecl, pred1, succ1) and
-        interprocEdge2(predDecl, succDecl, pred2, succ2)
-      )
+      predicate isBarrierIn2 = Config::isBarrierIn2/1;
     }
 
-    private predicate reachable(
-      Flow1::PathNode source1, Flow2::PathNode source2, Flow1::PathNode sink1, Flow2::PathNode sink2
-    ) {
-      exists(Flow1::PathNode mid1, Flow2::PathNode mid2 |
-        reachableInterprocEntry(source1, source2, mid1, mid2) and
-        Config::isSinkPair(sink1.getNode(), sink2.getNode()) and
-        localPathStep1*(mid1, sink1) and
-        localPathStep2*(mid2, sink2)
-      )
-    }
+    import MakeWithState<StateConfig>
   }
 
   signature module StateConfigSig {
