Commit 98ed2a1

committed
Data flow: Move field-clearing checks from flowCandFwd0 into flowCandFwd
1 parent 13b4dfa commit 98ed2a1

1 file changed

+6
-10
lines changed

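--- a/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
+++ b/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
@@ -1201,6 +1201,7 @@ private predicate flowCandFwd(
 Configuration config
 ) {
 flowCandFwd0(node, fromArg, argApf, apf, config) and
+not apf.isClearedAt(node) and
 if node instanceof CastingNode
 then compatibleTypes(getErasedNodeTypeBound(node), apf.getType())
 else any()
@@ -1219,8 +1220,7 @@ private predicate flowCandFwd0(
 or
 exists(Node mid |
 flowCandFwd(mid, fromArg, argApf, apf, config) and
-localFlowBigStep(mid, node, true, _, config, _) and
-not apf.isClearedAt(node)
+localFlowBigStep(mid, node, true, _, config, _)
 )
 or
 exists(Node mid, AccessPathFrontNil nil |
@@ -1233,8 +1233,7 @@ private predicate flowCandFwd0(
 nodeCand2(node, unbind(config)) and
 jumpStep(mid, node, config) and
 fromArg = false and
-argApf = TAccessPathFrontNone() and
-not apf.isClearedAt(node)
+argApf = TAccessPathFrontNone()
 )
 or
 exists(Node mid, AccessPathFrontNil nil |
@@ -1259,8 +1258,7 @@ private predicate flowCandFwd0(
 exists(TypedContent tc |
 flowCandFwdRead(tc, node, fromArg, argApf, config) and
 flowCandFwdConsCand(tc, apf, config) and
-nodeCand2(node, _, _, unbindBool(apf.toBoolNonEmpty()), unbind(config)) and
-not apf.isClearedAt(node)
+nodeCand2(node, _, _, unbindBool(apf.toBoolNonEmpty()), unbind(config))
 )
 or
 // flow into a callable
@@ -1316,8 +1314,7 @@ private predicate flowCandFwdIn(
 ) {
 exists(ArgumentNode arg, boolean allowsFieldFlow |
 flowCandFwd(arg, fromArg, argApf, apf, config) and
-flowIntoCallNodeCand2(call, arg, p, allowsFieldFlow, config) and
-not apf.isClearedAt(p)
+flowIntoCallNodeCand2(call, arg, p, allowsFieldFlow, config)
 |
 apf instanceof AccessPathFrontNil or allowsFieldFlow = true
 )
@@ -1330,8 +1327,7 @@ private predicate flowCandFwdOut(
 ) {
 exists(ReturnNodeExt ret, boolean allowsFieldFlow |
 flowCandFwd(ret, fromArg, argApf, apf, config) and
-flowOutOfCallNodeCand2(call, ret, node, allowsFieldFlow, config) and
-not apf.isClearedAt(node)
+flowOutOfCallNodeCand2(call, ret, node, allowsFieldFlow, config)
 |
 apf instanceof AccessPathFrontNil or allowsFieldFlow = true
 )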
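Review bot: The added `not apf.isClearedAt(node)` in `flowCandFwd` applies to every disjunct of `flowCandFwd0`, while the removed checks covered only the five steps shown in these hunks, so any disjunct outside the hunks that had no check before is now filtered as well. If that is meant to be a no-op for those cases, it is worth confirming with unchanged test expectations, because over-pruning in this candidate stage would show up as missing data-flow results in the queries built on it rather than as an error. I would also put a comment above the new line, e.g. `// cleared fields are filtered once here, covering all steps in flowCandFwd0`, so a step added later does not reintroduce a per-step check. All four predicates start and end outside the visible hunks, so this reading rests on the shown lines only.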
