@@ -112,7 +112,7 @@ This query finds the argument passed in each call to ``File::create``:
112112
113113 from CallExpr call
114114 where call.getStaticTarget().(Function).getCanonicalPath() = "<std::fs::File>::create"
115- select call.getArgList(). getArg(0)
115+ select call.getArg(0)
116116
117117
118118So we use local data flow to find all expressions that flow into the argument:
@@ -125,7 +125,7 @@ So we use local data flow to find all expressions that flow into the argument:
125125 from CallExpr call, DataFlow::ExprNode source, DataFlow::ExprNode sink
126126 where
127127 call.getStaticTarget().(Function).getCanonicalPath() = "<std::fs::File>::create" and
128- sink.asExpr().getExpr() = call.getArgList(). getArg(0) and
128+ sink.asExpr().getExpr() = call.getArg(0) and
129129 DataFlow::localFlow(source, sink)
130130 select source, sink
131131
@@ -139,7 +139,7 @@ We can vary the source, for example, making the source the parameter of a functi
139139 from CallExpr call, DataFlow::ParameterNode source, DataFlow::ExprNode sink
140140 where
141141 call.getStaticTarget().(Function).getCanonicalPath() = "<std::fs::File>::create" and
142- sink.asExpr().getExpr() = call.getArgList(). getArg(0) and
142+ sink.asExpr().getExpr() = call.getArg(0) and
143143 DataFlow::localFlow(source, sink)
144144 select source, sink
145145
@@ -234,9 +234,9 @@ The following global taint-tracking query finds places where a string literal is
234234 predicate isSink(DataFlow::Node node) {
235235 // any argument going to a parameter called `password`
236236 exists(Function f, CallExpr call, int index |
237- call.getArgList(). getArg(index) = node.asExpr().getExpr() and
237+ call.getArg(index) = node.asExpr().getExpr() and
238238 call.getStaticTarget() = f and
239- f.getParamList(). getParam(index).getPat().(IdentPat).getName().getText() = "password"
239+ f.getParam(index).getPat().(IdentPat).getName().getText() = "password"
240240 )
241241 }
242242 }
0 commit comments