Merge pull request github#5128 from hvitved/dataflow/exploration-clears-content

aschackmull · web-flow · commit 66d0bf6b5eee · 2021-02-10T11:52:24.000+01:00
Data flow: Take `clearsContent()` into account in flow exploration
diff --git a/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll b/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll b/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll b/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll b/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll b/cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll b/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll b/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll b/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll b/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl2.qll b/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl2.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl3.qll b/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl3.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl4.qll b/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl4.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl5.qll b/java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl5.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/python/ql/src/semmle/python/dataflow/new/internal/DataFlowImpl.qll b/python/ql/src/semmle/python/dataflow/new/internal/DataFlowImpl.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/python/ql/src/semmle/python/dataflow/new/internal/DataFlowImpl2.qll b/python/ql/src/semmle/python/dataflow/new/internal/DataFlowImpl2.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/python/ql/src/semmle/python/dataflow/new/internal/DataFlowImpl3.qll b/python/ql/src/semmle/python/dataflow/new/internal/DataFlowImpl3.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
diff --git a/python/ql/src/semmle/python/dataflow/new/internal/DataFlowImpl4.qll b/python/ql/src/semmle/python/dataflow/new/internal/DataFlowImpl4.qll
@@ -3598,6 +3598,7 @@ private module FlowExploration {
       or
       exists(PartialPathNodeRev mid |
         revPartialPathStep(mid, node, sc1, sc2, ap, config) and
+        not clearsContent(node, ap.getHead()) and
         not fullBarrier(node, config) and
         distSink(node.getEnclosingCallable(), config) <= config.explorationLimit()
       )
@@ -3611,6 +3612,7 @@ private module FlowExploration {
     exists(PartialPathNodeFwd mid |
       partialPathStep(mid, node, cc, sc1, sc2, ap, config) and
       not fullBarrier(node, config) and
+      not clearsContent(node, ap.getHead().getContent()) and
       if node instanceof CastingNode
       then compatibleTypes(getNodeType(node), ap.getType())
       else any()
