C++: Disable flow through nodes that are sources of phi edges' back edges.

Author: MathiasVP

cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql

@@ -229,6 +229,8 @@ module InvalidPointerToDerefConfig implements DataFlow::ConfigSig {
 
   pragma[inline]
   predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink(sink, _, _) }
+
+  predicate isBarrier(DataFlow::Node node) { node = any(DataFlow::SsaPhiNode phi).getAnInput(true) }
 }
 
 module InvalidPointerToDerefFlow = DataFlow::Global<InvalidPointerToDerefConfig>;