C++: A 'LoadInstruction' in a store chain always sets 'certain = false'.

Author: MathiasVP

cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/Ssa.qll

@@ -275,7 +275,9 @@ predicate explicitWrite(boolean certain, Instruction instr, Instruction address)
   |
     if
       addressFlowTC(any(Instruction i |
-          i instanceof FieldAddressInstruction or i instanceof PointerArithmeticInstruction
+          i instanceof FieldAddressInstruction or
+          i instanceof PointerArithmeticInstruction or
+          i instanceof LoadInstruction
         ), store.getDestinationAddress())
     then certain = false
     else certain = true

cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected

@@ -181,7 +181,10 @@ postWithInFlow
 | dispatch.cpp:130:10:130:15 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. |
 | dispatch.cpp:130:10:130:15 | topRef [post update] | PostUpdateNode should not be the target of local flow. |
 | dispatch.cpp:130:17:130:24 | topRef [post update] | PostUpdateNode should not be the target of local flow. |
+| dispatch.cpp:148:3:148:3 | u [post update] | PostUpdateNode should not be the target of local flow. |
 | dispatch.cpp:148:5:148:5 | f [post update] | PostUpdateNode should not be the target of local flow. |
+| dispatch.cpp:168:3:168:4 | u2 [post update] | PostUpdateNode should not be the target of local flow. |
+| dispatch.cpp:168:6:168:6 | u [post update] | PostUpdateNode should not be the target of local flow. |
 | dispatch.cpp:168:8:168:8 | f [post update] | PostUpdateNode should not be the target of local flow. |
 | example.c:17:19:17:22 | FieldAddress [post update] | PostUpdateNode should not be the target of local flow. |
 | example.c:17:19:17:22 | FieldAddress [post update] | PostUpdateNode should not be the target of local flow. |