Java: Restrict use-use flow

Author: hvitved

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll

@@ -139,11 +139,7 @@ predicate readStep(Node node1, Content f, Node node2) {
  */
 predicate clearsContent(Node n, Content c) {
   c instanceof FieldContent and
-  (
-    n = any(PostUpdateNode pun | storeStep(_, c, pun)).getPreUpdateNode()
-    or
-    FlowSummaryImpl::Private::Steps::summaryStoresIntoArg(c, n)
-  )
+  n = any(PostUpdateNode pun | storeStep(_, c, pun)).getPreUpdateNode()
   or
   FlowSummaryImpl::Private::Steps::summaryClearsContent(n, c)
 }

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll

@@ -101,6 +101,8 @@ predicate hasNonlocalValue(FieldRead fr) {
 predicate localFlowStep(Node node1, Node node2) {
   simpleLocalFlowStep(node1, node2)
   or
+  adjacentUseUse(node1.asExpr(), node2.asExpr())
+  or
   // Simple flow through library code is included in the exposed local
   // step relation, even though flow is technically inter-procedural
   FlowSummaryImpl::Private::Steps::summaryThroughStep(node1, node2, true)
@@ -131,7 +133,8 @@ predicate simpleLocalFlowStep(Node node1, Node node2) {
   adjacentUseUse(node1.asExpr(), node2.asExpr()) and
   not exists(FieldRead fr |
     hasNonlocalValue(fr) and fr.getField().isStatic() and fr = node1.asExpr()
-  )
+  ) and
+  not FlowSummaryImpl::Private::Steps::summaryClearsContentArg(node1, _)
   or
   ThisFlow::adjacentThisRefs(node1, node2)
   or