
Commit fc64fae

committed
Ruby: Restrict use-use flow
1 parent 39e3254 commit fc64fae


1 file changed

+16
-11
lines changed

1 file changed

+16
-11
lines changed

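--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
@@ -64,6 +64,14 @@ module LocalFlow {
 )
 }
 
+/**
+* Holds if there is a local use-use flow step from `nodeFrom` to `nodeTo`
+* involving SSA definition `def`.
+*/
+predicate localSsaFlowStepUseUse(Ssa::Definition def, Node nodeFrom, Node nodeTo) {
+def.hasAdjacentReads(nodeFrom.asExpr(), nodeTo.asExpr())
+}
+
 /**
 * Holds if there is a local flow step from `nodeFrom` to `nodeTo` involving
 * SSA definition `def`.
@@ -78,17 +86,7 @@ module LocalFlow {
 nodeTo.asExpr() = def.getAFirstRead()
 or
 // Flow from read to next read
-exists(
-CfgNodes::ExprNodes::VariableReadAccessCfgNode read1,
-CfgNodes::ExprNodes::VariableReadAccessCfgNode read2
-|
-def.hasAdjacentReads(read1, read2) and
-nodeTo.asExpr() = read2
-|
-nodeFrom.asExpr() = read1
-or
-read1 = nodeFrom.(PostUpdateNode).getPreUpdateNode().asExpr()
-)
+localSsaFlowStepUseUse(def, nodeFrom.(PostUpdateNode).getPreUpdateNode(), nodeTo)
 or
 // Flow into phi node
 exists(Ssa::PhiNode phi |
@@ -210,6 +208,9 @@ private module Cached {
 or
 nodeTo.(SynthReturnNode).getAnInput() = nodeFrom
 or
+LocalFlow::localSsaFlowStepUseUse(_, nodeFrom, nodeTo) and
+not FlowSummaryImpl::Private::Steps::summaryClearsContentArg(nodeFrom, _)
+or
 FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom, nodeTo, true)
 }
 
@@ -222,6 +223,8 @@ private module Cached {
 or
 nodeTo = LocalFlow::getParameterDefNode(nodeFrom.(ParameterNode).getParameter())
 or
+LocalFlow::localSsaFlowStepUseUse(_, nodeFrom, nodeTo)
+or
 // Simple flow through library code is included in the exposed local
 // step relation, even though flow is technically inter-procedural
 FlowSummaryImpl::Private::Steps::summaryThroughStep(nodeFrom, nodeTo, true)
@@ -236,6 +239,8 @@ private module Cached {
 defaultValueFlow(p, nodeFrom) and
 nodeTo = LocalFlow::getParameterDefNode(p)
 )
+or
+LocalFlow::localSsaFlowStepUseUse(_, nodeFrom, nodeTo)
 }
 
 cached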
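Review bot: The `not FlowSummaryImpl::Private::Steps::summaryClearsContentArg(nodeFrom, _)` guard in the third hunk has no comment saying why use-use flow is cut at these arguments, and the two later hunks add the same step without it, so the asymmetry reads as accidental. A line such as `// No use-use flow out of an argument whose content a summary clears; later reads are reached via the post-update node` above the guard would record the intent, if that is indeed the intent. Because the guard wildcards the content, it drops the step for every value at that argument rather than only the cleared content, so it is worth confirming with a test that tracked data still reaches later reads through the post-update step kept in `localSsaFlowStep`; a missed step here would surface as silent false negatives in queries built on this library, and the page shows only this one file changed. The retained comment `// Flow from read to next read` in the second hunk now covers only the post-update case and could say so, e.g. `// Flow from post-update node of a read to the next read`. The enclosing predicates of the last three hunks start outside the visible lines.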
