
Commit befc80b

committed
C#: Update data-flow caching
1 parent 914184f commit befc80b


5 files changed

+302
-382
lines changed


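--- a/csharp/ql/src/semmle/code/csharp/Caching.qll
+++ b/csharp/ql/src/semmle/code/csharp/Caching.qll
@@ -47,44 +47,6 @@ module Stages {
 }
 }
 
-cached
-module DataFlowStage {
-private import semmle.code.csharp.dataflow.internal.DataFlowDispatch
-private import semmle.code.csharp.dataflow.internal.DataFlowPrivate
-private import semmle.code.csharp.dataflow.internal.DataFlowImplCommon
-private import semmle.code.csharp.dataflow.internal.TaintTrackingPrivate
-
-cached
-predicate forceCachingInSameStage() { any() }
-
-cached
-private predicate forceCachingInSameStageRev() {
-defaultAdditionalTaintStep(_, _)
-or
-any(ArgumentNode n).argumentOf(_, _)
-or
-exists(any(DataFlow::Node n).getEnclosingCallable())
-or
-exists(any(DataFlow::Node n).getControlFlowNode())
-or
-exists(any(DataFlow::Node n).getType())
-or
-exists(any(NodeImpl n).getDataFlowType())
-or
-exists(any(DataFlow::Node n).getLocation())
-or
-exists(any(DataFlow::Node n).toString())
-or
-exists(any(OutNode n).getCall(_))
-or
-exists(CallContext cc)
-or
-exists(any(DataFlowCall c).getEnclosingCallable())
-or
-forceCachingInSameStageRev()
-}
-}
-
 cached
 module UnificationStage {
 private import semmle.code.csharp.Unification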

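--- a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
+++ b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
@@ -1,10 +1,10 @@
 private import csharp
 private import cil
 private import dotnet
+private import DataFlowImplCommon as DataFlowImplCommon
 private import DataFlowPublic
 private import DataFlowPrivate
 private import FlowSummaryImpl as FlowSummaryImpl
-private import semmle.code.csharp.Caching
 private import semmle.code.csharp.dataflow.FlowSummary
 private import semmle.code.csharp.dispatch.Dispatch
 private import semmle.code.csharp.frameworks.system.Collections
@@ -68,31 +68,30 @@ private predicate transitiveCapturedCallTarget(ControlFlow::Nodes::ElementNode c
 )
 }
 
-cached
-private module Cached {
-cached
-newtype TReturnKind =
-TNormalReturnKind() { Stages::DataFlowStage::forceCachingInSameStage() } or
-TOutReturnKind(int i) { i = any(Parameter p | p.isOut()).getPosition() } or
-TRefReturnKind(int i) { i = any(Parameter p | p.isRef()).getPosition() } or
-TImplicitCapturedReturnKind(LocalScopeVariable v) {
-exists(Ssa::ExplicitDefinition def | def.isCapturedVariableDefinitionFlowOut(_, _) |
-v = def.getSourceVariable().getAssignable()
-)
-} or
-TJumpReturnKind(DataFlowCallable target, ReturnKind rk) {
-rk instanceof NormalReturnKind and
-(
-target instanceof Constructor or
-not target.getReturnType() instanceof VoidType
-)
-or
-exists(target.getParameter(rk.(OutRefReturnKind).getPosition()))
-}
+newtype TReturnKind =
+TNormalReturnKind() or
+TOutReturnKind(int i) { i = any(Parameter p | p.isOut()).getPosition() } or
+TRefReturnKind(int i) { i = any(Parameter p | p.isRef()).getPosition() } or
+TImplicitCapturedReturnKind(LocalScopeVariable v) {
+exists(Ssa::ExplicitDefinition def | def.isCapturedVariableDefinitionFlowOut(_, _) |
+v = def.getSourceVariable().getAssignable()
+)
+} or
+TJumpReturnKind(DataFlowCallable target, ReturnKind rk) {
+rk instanceof NormalReturnKind and
+(
+target instanceof Constructor or
+not target.getReturnType() instanceof VoidType
+)
+or
+exists(target.getParameter(rk.(OutRefReturnKind).getPosition()))
+}
 
+private module Cached {
 cached
 newtype TDataFlowCall =
 TNonDelegateCall(ControlFlow::Nodes::ElementNode cfn, DispatchCall dc) {
+DataFlowImplCommon::forceCachingInSameStage() and
 cfn.getElement() = dc.getCall()
 } or
 TExplicitDelegateLikeCall(ControlFlow::Nodes::ElementNode cfn, DelegateLikeCall dc) {
@@ -246,7 +245,6 @@ abstract class DataFlowCall extends TDataFlowCall {
 abstract DataFlow::Node getNode();
 
 /** Gets the enclosing callable of this call. */
-cached
 abstract DataFlowCallable getEnclosingCallable();
 
 /** Gets the underlying expression, if any. */
@@ -280,10 +278,7 @@ class NonDelegateDataFlowCall extends DataFlowCall, TNonDelegateCall {
 
 override DataFlow::ExprNode getNode() { result.getControlFlowNode() = cfn }
 
-override DataFlowCallable getEnclosingCallable() {
-Stages::DataFlowStage::forceCachingInSameStage() and
-result = cfn.getEnclosingCallable()
-}
+override DataFlowCallable getEnclosingCallable() { result = cfn.getEnclosingCallable() }
 
 override string toString() { result = cfn.toString() }
 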
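Review bot: The new conjunct `DataFlowImplCommon::forceCachingInSameStage() and` in `TNonDelegateCall` (new line 94) reads like a real constraint on which calls exist, and nothing on the line says it is only a cache-stage anchor. The predicate it replaces was defined as `any()` in the removed `DataFlowStage` module, but the new definition is not visible on this page; if it ever failed to hold, every non-delegate call would drop out of the data-flow graph and taint-tracking queries would silently lose results. I would add a comment above it such as `// Presumably always holds; present only to place this newtype in the shared data-flow cache stage`, after confirming that against DataFlowImplCommon. The same hunk also drops `cached` from `TReturnKind` and from the `Cached` module header while the members keep theirs; a one-line note on whether that is intentional would help, since the module body continues outside the hunk.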
