
Commit 1112c0f

committed
Data flow: Cache ParameterNode
1 parent 7d4feac commit 1112c0f


2 files changed

+90
-59
lines changed


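--- a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
+++ b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
@@ -512,7 +512,7 @@ private module Stage1 {
 
 pragma[nomagic]
 predicate viableParamArgNodeCandFwd1(
-DataFlowCall call, ParameterNode p, ArgumentNodeExt arg, Configuration config
+DataFlowCall call, ParameterNodeExt p, ArgumentNodeExt arg, Configuration config
 ) {
 viableParamArg(call, p, arg) and
 fwdFlow(arg, config)
@@ -522,7 +522,7 @@ private module Stage1 {
 private predicate revFlowIn(
 DataFlowCall call, ArgumentNodeExt arg, boolean toReturn, Configuration config
 ) {
-exists(ParameterNode p |
+exists(ParameterNodeExt p |
 revFlow(p, toReturn, config) and
 viableParamArgNodeCandFwd1(call, p, arg, config)
 )
@@ -594,7 +594,9 @@ private module Stage1 {
 * Holds if flow may enter through `p` and reach a return node making `p` a
 * candidate for the origin of a summary.
 */
-predicate parameterMayFlowThrough(ParameterNode p, DataFlowCallable c, Ap ap, Configuration config) {
+predicate parameterMayFlowThrough(
+ParameterNodeExt p, DataFlowCallable c, Ap ap, Configuration config
+) {
 exists(ReturnKindExt kind |
 throughFlowNodeCand(p, config) and
 returnFlowCallableNodeCand(c, kind, config) and
@@ -660,7 +662,7 @@ private predicate flowOutOfCallNodeCand1(
 
 pragma[nomagic]
 private predicate viableParamArgNodeCand1(
-DataFlowCall call, ParameterNode p, ArgumentNodeExt arg, Configuration config
+DataFlowCall call, ParameterNodeExt p, ArgumentNodeExt arg, Configuration config
 ) {
 Stage1::viableParamArgNodeCandFwd1(call, p, arg, config) and
 Stage1::revFlow(arg, config)
@@ -672,7 +674,7 @@ private predicate viableParamArgNodeCand1(
 */
 pragma[nomagic]
 private predicate flowIntoCallNodeCand1(
-DataFlowCall call, ArgumentNodeExt arg, ParameterNode p, Configuration config
+DataFlowCall call, ArgumentNodeExt arg, ParameterNodeExt p, Configuration config
 ) {
 viableParamArgNodeCand1(call, p, arg, config) and
 Stage1::revFlow(p, config) and
@@ -732,7 +734,7 @@ private predicate flowOutOfCallNodeCand1(
 */
 pragma[nomagic]
 private predicate flowIntoCallNodeCand1(
-DataFlowCall call, ArgumentNodeExt arg, ParameterNode p, boolean allowsFieldFlow,
+DataFlowCall call, ArgumentNodeExt arg, ParameterNodeExt p, boolean allowsFieldFlow,
 Configuration config
 ) {
 flowIntoCallNodeCand1(call, arg, p, config) and
@@ -941,7 +943,7 @@ private module Stage2 {
 
 pragma[nomagic]
 private predicate fwdFlowIn(
-DataFlowCall call, ParameterNode p, Cc outercc, Cc innercc, ApOption argAp, Ap ap,
+DataFlowCall call, ParameterNodeExt p, Cc outercc, Cc innercc, ApOption argAp, Ap ap,
 Configuration config
 ) {
 exists(ArgumentNodeExt arg, boolean allowsFieldFlow |
@@ -989,7 +991,7 @@ private module Stage2 {
 private predicate fwdFlowIsEntered(
 DataFlowCall call, Cc cc, ApOption argAp, Ap ap, Configuration config
 ) {
-exists(ParameterNode p |
+exists(ParameterNodeExt p |
 fwdFlowIn(call, p, cc, _, argAp, ap, config) and
 PrevStage::parameterMayFlowThrough(p, _, getApprox(ap), config)
 )
@@ -1133,7 +1135,7 @@ private module Stage2 {
 DataFlowCall call, ArgumentNodeExt arg, boolean toReturn, ApOption returnAp, Ap ap,
 Configuration config
 ) {
-exists(ParameterNode p, boolean allowsFieldFlow |
+exists(ParameterNodeExt p, boolean allowsFieldFlow |
 revFlow(p, toReturn, returnAp, ap, config) and
 flowIntoCall(call, arg, p, allowsFieldFlow, config)
 |
@@ -1196,13 +1198,15 @@ private module Stage2 {
 
 pragma[noinline]
 private predicate parameterFlow(
-ParameterNode p, Ap ap, Ap ap0, DataFlowCallable c, Configuration config
+ParameterNodeExt p, Ap ap, Ap ap0, DataFlowCallable c, Configuration config
 ) {
 revFlow(p, true, apSome(ap0), ap, config) and
 c = getNodeEnclosingCallable(p)
 }
 
-predicate parameterMayFlowThrough(ParameterNode p, DataFlowCallable c, Ap ap, Configuration config) {
+predicate parameterMayFlowThrough(
+ParameterNodeExt p, DataFlowCallable c, Ap ap, Configuration config
+) {
 exists(ReturnNodeExt ret, Ap ap0, ReturnKindExt kind, int pos |
 parameterFlow(p, ap, ap0, c, config) and
 c = getNodeEnclosingCallable(ret) and
@@ -1242,7 +1246,7 @@ private predicate flowOutOfCallNodeCand2(
 
 pragma[nomagic]
 private predicate flowIntoCallNodeCand2(
-DataFlowCall call, ArgumentNodeExt node1, ParameterNode node2, boolean allowsFieldFlow,
+DataFlowCall call, ArgumentNodeExt node1, ParameterNodeExt node2, boolean allowsFieldFlow,
 Configuration config
 ) {
 flowIntoCallNodeCand1(call, node1, node2, allowsFieldFlow, config) and
@@ -1272,7 +1276,7 @@ private module LocalFlowBigStep {
 config.isSource(node) or
 jumpStep(_, node, config) or
 additionalJumpStep(_, node, config) or
-node instanceof ParameterNode or
+node instanceof ParameterNodeExt or
 node instanceof OutNodeExt or
 store(_, _, node, _) or
 read(_, _, node) or
@@ -1582,7 +1586,7 @@ private module Stage3 {
 
 pragma[nomagic]
 private predicate fwdFlowIn(
-DataFlowCall call, ParameterNode p, Cc outercc, Cc innercc, ApOption argAp, Ap ap,
+DataFlowCall call, ParameterNodeExt p, Cc outercc, Cc innercc, ApOption argAp, Ap ap,
 Configuration config
 ) {
 exists(ArgumentNodeExt arg, boolean allowsFieldFlow |
@@ -1630,7 +1634,7 @@ private module Stage3 {
 private predicate fwdFlowIsEntered(
 DataFlowCall call, Cc cc, ApOption argAp, Ap ap, Configuration config
 ) {
-exists(ParameterNode p |
+exists(ParameterNodeExt p |
 fwdFlowIn(call, p, cc, _, argAp, ap, config) and
 PrevStage::parameterMayFlowThrough(p, _, unbindApa(getApprox(ap)), config)
 )
@@ -1774,7 +1778,7 @@ private module Stage3 {
 DataFlowCall call, ArgumentNodeExt arg, boolean toReturn, ApOption returnAp, Ap ap,
 Configuration config
 ) {
-exists(ParameterNode p, boolean allowsFieldFlow |
+exists(ParameterNodeExt p, boolean allowsFieldFlow |
 revFlow(p, toReturn, returnAp, ap, config) and
 flowIntoCall(call, arg, p, allowsFieldFlow, config)
 |
@@ -1837,13 +1841,15 @@ private module Stage3 {
 
 pragma[noinline]
 private predicate parameterFlow(
-ParameterNode p, Ap ap, Ap ap0, DataFlowCallable c, Configuration config
+ParameterNodeExt p, Ap ap, Ap ap0, DataFlowCallable c, Configuration config
 ) {
 revFlow(p, true, apSome(ap0), ap, config) and
 c = getNodeEnclosingCallable(p)
 }
 
-predicate parameterMayFlowThrough(ParameterNode p, DataFlowCallable c, Ap ap, Configuration config) {
+predicate parameterMayFlowThrough(
+ParameterNodeExt p, DataFlowCallable c, Ap ap, Configuration config
+) {
 exists(ReturnNodeExt ret, Ap ap0, ReturnKindExt kind, int pos |
 parameterFlow(p, ap, ap0, c, config) and
 c = getNodeEnclosingCallable(ret) and
@@ -2154,7 +2160,7 @@ private module Stage4 {
 
 pragma[nomagic]
 private predicate flowIntoCall(
-DataFlowCall call, ArgumentNodeExt node1, ParameterNode node2, boolean allowsFieldFlow,
+DataFlowCall call, ArgumentNodeExt node1, ParameterNodeExt node2, boolean allowsFieldFlow,
 Configuration config
 ) {
 flowIntoCallNodeCand2(call, node1, node2, allowsFieldFlow, config) and
@@ -2299,7 +2305,7 @@ private module Stage4 {
 
 pragma[nomagic]
 private predicate fwdFlowIn(
-DataFlowCall call, ParameterNode p, Cc outercc, Cc innercc, ApOption argAp, Ap ap,
+DataFlowCall call, ParameterNodeExt p, Cc outercc, Cc innercc, ApOption argAp, Ap ap,
 Configuration config
 ) {
 exists(ArgumentNodeExt arg, boolean allowsFieldFlow |
@@ -2347,7 +2353,7 @@ private module Stage4 {
 private predicate fwdFlowIsEntered(
 DataFlowCall call, Cc cc, ApOption argAp, Ap ap, Configuration config
 ) {
-exists(ParameterNode p |
+exists(ParameterNodeExt p |
 fwdFlowIn(call, p, cc, _, argAp, ap, config) and
 PrevStage::parameterMayFlowThrough(p, _, unbindApa(getApprox(ap)), config)
 )
@@ -2491,7 +2497,7 @@ private module Stage4 {
 DataFlowCall call, ArgumentNodeExt arg, boolean toReturn, ApOption returnAp, Ap ap,
 Configuration config
 ) {
-exists(ParameterNode p, boolean allowsFieldFlow |
+exists(ParameterNodeExt p, boolean allowsFieldFlow |
 revFlow(p, toReturn, returnAp, ap, config) and
 flowIntoCall(call, arg, p, allowsFieldFlow, config)
 |
@@ -2554,13 +2560,15 @@ private module Stage4 {
 
 pragma[noinline]
 private predicate parameterFlow(
-ParameterNode p, Ap ap, Ap ap0, DataFlowCallable c, Configuration config
+ParameterNodeExt p, Ap ap, Ap ap0, DataFlowCallable c, Configuration config
 ) {
 revFlow(p, true, apSome(ap0), ap, config) and
 c = getNodeEnclosingCallable(p)
 }
 
-predicate parameterMayFlowThrough(ParameterNode p, DataFlowCallable c, Ap ap, Configuration config) {
+predicate parameterMayFlowThrough(
+ParameterNodeExt p, DataFlowCallable c, Ap ap, Configuration config
+) {
 exists(ReturnNodeExt ret, Ap ap0, ReturnKindExt kind, int pos |
 parameterFlow(p, ap, ap0, c, config) and
 c = getNodeEnclosingCallable(ret) and
@@ -2605,7 +2613,7 @@ private predicate nodeMayUseSummary(Node n, AccessPathApprox apa, Configuration
 
 private newtype TSummaryCtx =
 TSummaryCtxNone() or
-TSummaryCtxSome(ParameterNode p, AccessPath ap) {
+TSummaryCtxSome(ParameterNodeExt p, AccessPath ap) {
 Stage4::parameterMayFlowThrough(p, _, ap.getApprox(), _)
 }
 
@@ -2626,7 +2634,7 @@ private class SummaryCtxNone extends SummaryCtx, TSummaryCtxNone {
 
 /** A summary context from which a flow summary can be generated. */
 private class SummaryCtxSome extends SummaryCtx, TSummaryCtxSome {
-private ParameterNode p;
+private ParameterNodeExt p;
 private AccessPath ap;
 
 SummaryCtxSome() { this = TSummaryCtxSome(p, ap) }
@@ -3247,7 +3255,7 @@ pragma[noinline]
 private predicate parameterCand(
 DataFlowCallable callable, int i, AccessPathApprox apa, Configuration config
 ) {
-exists(ParameterNode p |
+exists(ParameterNodeExt p |
 Stage4::revFlow(p, _, _, apa, config) and
 p.isParameterOf(callable, i)
 )
@@ -3271,7 +3279,7 @@ private predicate pathIntoCallable0(
 * respectively.
 */
 private predicate pathIntoCallable(
-PathNodeMid mid, ParameterNode p, CallContext outercc, CallContextCall innercc, SummaryCtx sc,
+PathNodeMid mid, ParameterNodeExt p, CallContext outercc, CallContextCall innercc, SummaryCtx sc,
 DataFlowCall call
 ) {
 exists(int i, DataFlowCallable callable, AccessPath ap |
@@ -3567,7 +3575,7 @@ private module FlowExploration {
 
 private newtype TSummaryCtx1 =
 TSummaryCtx1None() or
-TSummaryCtx1Param(ParameterNode p)
+TSummaryCtx1Param(ParameterNodeExt p)
 
 private newtype TSummaryCtx2 =
 TSummaryCtx2None() or
@@ -3942,7 +3950,7 @@ private module FlowExploration {
 }
 
 private predicate partialPathIntoCallable(
-PartialPathNodeFwd mid, ParameterNode p, CallContext outercc, CallContextCall innercc,
+PartialPathNodeFwd mid, ParameterNodeExt p, CallContext outercc, CallContextCall innercc,
 TSummaryCtx1 sc1, TSummaryCtx2 sc2, DataFlowCall call, PartialAccessPath ap,
 Configuration config
 ) {
@@ -3979,7 +3987,7 @@ private module FlowExploration {
 DataFlowCall call, PartialPathNodeFwd mid, ReturnKindExt kind, CallContext cc,
 PartialAccessPath ap, Configuration config
 ) {
-exists(ParameterNode p, CallContext innercc, TSummaryCtx1 sc1, TSummaryCtx2 sc2 |
+exists(ParameterNodeExt p, CallContext innercc, TSummaryCtx1 sc1, TSummaryCtx2 sc2 |
 partialPathIntoCallable(mid, p, cc, innercc, sc1, sc2, call, _, config) and
 paramFlowsThroughInPartialPath(kind, innercc, sc1, sc2, ap, config)
 )
@@ -4036,7 +4044,7 @@ private module FlowExploration {
 apConsRev(ap, c, ap0, config)
 )
 or
-exists(ParameterNode p |
+exists(ParameterNodeExt p |
 mid.getNode() = p and
 viableParamArg(_, p, node) and
 sc1 = mid.getSummaryCtx1() and
@@ -4114,7 +4122,7 @@ private module FlowExploration {
 int pos, TRevSummaryCtx1Some sc1, TRevSummaryCtx2Some sc2, RevPartialAccessPath ap,
 Configuration config
 ) {
-exists(PartialPathNodeRev mid, ParameterNode p |
+exists(PartialPathNodeRev mid, ParameterNodeExt p |
 mid.getNode() = p and
 p.isParameterOf(_, pos) and
 sc1 = mid.getSummaryCtx1() and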
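Review bot: The `node instanceof ParameterNodeExt` disjunct in LocalFlowBigStep (new line 1279) and the `TSummaryCtxSome` / `TSummaryCtx1Param` branches (new lines 2616 and 3578) now range over `ParameterNodeExt`, and nothing in this file states how that class relates to `ParameterNode`; its definition is not part of this file section. If it is anything narrower than `ParameterNode`, parameter entry nodes and summary contexts drop out without any error, and queries built on this library, the taint-tracking ones included, report fewer results instead of failing. I would record the assumption where the set is first used, for example `// ParameterNodeExt is expected to cover exactly the nodes ParameterNode does; it only caches the parameter relation` above the `instanceof` line, and confirm that the data-flow test expectations are unchanged by this commit. The enclosing predicates start and end outside the hunks shown.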
