Make type switches tranform flow state

Author: owen-mc

go/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll

@@ -430,6 +430,26 @@ class TypeAssertionCheck extends DataFlow::ExprNode, FlowStateTransformer {
   }
 }
 
+/**
+ * The implicit definition of a variable with integer type for a case clause of
+ * a type switch statement which declares a variable in its guard, which has
+ * effectively had a checked type assertion.
+ */
+class TypeSwitchVarFlowStateTransformer extends DataFlow::SsaNode, FlowStateTransformer {
+  IntegerType it;
+
+  TypeSwitchVarFlowStateTransformer() {
+    exists(IR::TypeSwitchImplicitVariableInstruction insn, LocalVariable lv | insn.writes(lv, _) |
+      this.getSourceVariable() = lv and
+      it = lv.getType()
+    )
+  }
+
+  override predicate barrierFor(int bitSize, int architectureBitSize) {
+    integerTypeBound(it, bitSize, architectureBitSize)
+  }
+}
+
 /**
  * Holds if `source` is the result of a call to `strconv.Atoi`,
  * `strconv.ParseInt`, or `strconv.ParseUint`, `bitSize` is the `bitSize`

go/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.go

@@ -510,8 +510,8 @@ func typeSwitch1(s string) {
 		_ = int16(v.(int16))
 		_ = int8(v.(int16)) // $ hasValueFlow="type assertion"
 	case int32:
-		_ = int32(v) // $ SPURIOUS: hasValueFlow="v"
-		_ = int8(v)  // $ hasValueFlow="v"
+		_ = int32(v)
+		_ = int8(v) // $ hasValueFlow="v"
 	case int64:
 		_ = int8(v) // $ hasValueFlow="v"
 	default: