
Commit adedabc

committed
Wip: test changes to fieldflowbranchlimit semantics
1 parent eea062d commit adedabc


1 file changed

+22
-16
lines changed


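--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
@@ -1112,10 +1112,11 @@ private predicate flowOutOfCallNodeCand1(
 DataFlowCall call, RetNodeEx ret, NodeEx out, boolean allowsFieldFlow, Configuration config
 ) {
 flowOutOfCallNodeCand1(call, ret, out, config) and
-exists(int b, int j |
-b = branch(ret, config) and
+exists(int j | //int b,
+//b = branch(ret, config) and
 j = join(out, config) and
-if b.minimum(j) <= config.fieldFlowBranchLimit()
+// if b.minimum(j) <= config.fieldFlowBranchLimit()
+if j <= config.fieldFlowBranchLimit()
 then allowsFieldFlow = true
 else allowsFieldFlow = false
 )
@@ -1131,10 +1132,11 @@ private predicate flowIntoCallNodeCand1(
 DataFlowCall call, ArgNodeEx arg, ParamNodeEx p, boolean allowsFieldFlow, Configuration config
 ) {
 flowIntoCallNodeCand1(call, arg, p, config) and
-exists(int b, int j |
+exists(int b | //, int j |
 b = branch(arg, config) and
-j = join(p, config) and
-if b.minimum(j) <= config.fieldFlowBranchLimit()
+// j = join(p, config) and
+// if b.minimum(j) <= config.fieldFlowBranchLimit()
+if b <= config.fieldFlowBranchLimit()
 then allowsFieldFlow = true
 else allowsFieldFlow = false
 )
@@ -1384,8 +1386,9 @@ private module MkStage<StageSig PrevStage> {
 exists(ArgNodeEx arg, boolean allowsFieldFlow |
 fwdFlow(arg, state, outercc, argAp, ap, config) and
 flowIntoCall(call, arg, p, allowsFieldFlow, config) and
-innercc = getCallContextCall(call, p.getEnclosingCallable(), outercc) and
-if allowsFieldFlow = false then ap instanceof ApNil else any()
+innercc = getCallContextCall(call, p.getEnclosingCallable(), outercc)
+// and
+// if allowsFieldFlow = false then ap instanceof ApNil else any()
 )
 }
 
@@ -1400,8 +1403,9 @@ private module MkStage<StageSig PrevStage> {
 fwdFlow(ret, state, innercc, argAp, ap, config) and
 flowOutOfCall(call, ret, out, allowsFieldFlow, config) and
 inner = ret.getEnclosingCallable() and
-ccOut = getCallContextReturn(inner, call, innercc) and
-if allowsFieldFlow = false then ap instanceof ApNil else any()
+ccOut = getCallContextReturn(inner, call, innercc)
+// and
+// if allowsFieldFlow = false then ap instanceof ApNil else any()
 )
 }
 
@@ -1412,7 +1416,7 @@ private module MkStage<StageSig PrevStage> {
 exists(RetNodeEx ret, boolean allowsFieldFlow, CcCall ccc |
 fwdFlow(ret, state, ccc, apSome(argAp), ap, config) and
 flowThroughOutOfCall(call, ccc, ret, out, allowsFieldFlow, config) and
-if allowsFieldFlow = false then ap instanceof ApNil else any()
+if allowsFieldFlow = false then ap instanceof ApNil and argAp instanceof ApNil else any()
 )
 }
 
@@ -1598,8 +1602,9 @@ private module MkStage<StageSig PrevStage> {
 ) {
 exists(NodeEx out, boolean allowsFieldFlow |
 revFlow(out, state, toReturn, returnAp, ap, config) and
-flowOutOfCall(call, ret, out, allowsFieldFlow, config) and
-if allowsFieldFlow = false then ap instanceof ApNil else any()
+flowOutOfCall(call, ret, out, allowsFieldFlow, config)
+// and
+// if allowsFieldFlow = false then ap instanceof ApNil else any()
 )
 }
 
@@ -1609,8 +1614,9 @@ private module MkStage<StageSig PrevStage> {
 ) {
 exists(ParamNodeEx p, boolean allowsFieldFlow |
 revFlow(p, state, false, returnAp, ap, config) and
-flowIntoCall(_, arg, p, allowsFieldFlow, config) and
-if allowsFieldFlow = false then ap instanceof ApNil else any()
+flowIntoCall(_, arg, p, allowsFieldFlow, config)
+// and
+// if allowsFieldFlow = false then ap instanceof ApNil else any()
 )
 }
 
@@ -1621,7 +1627,7 @@ private module MkStage<StageSig PrevStage> {
 exists(ParamNodeEx p, boolean allowsFieldFlow |
 revFlow(p, state, true, apSome(returnAp), ap, config) and
 flowThroughIntoCall(call, arg, p, allowsFieldFlow, config) and
-if allowsFieldFlow = false then ap instanceof ApNil else any()
+if allowsFieldFlow = false then ap instanceof ApNil and returnAp instanceof ApNil else any()
 )
 }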
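Review bot: With the `if allowsFieldFlow = false then ap instanceof ApNil else any()` conjunct commented out at new lines 1390–1391, 1407–1408, 1606–1607 and 1618–1619, `allowsFieldFlow` is still bound by `flowIntoCall`/`flowOutOfCall` but no longer constrains anything, so ordinary call and return steps carry non-empty access paths regardless of `fieldFlowBranchLimit`; only the two flow-through conditions (new lines 1419 and 1630) still enforce it. If that is the intended semantics, drop the dead variable and the commented-out lines, e.g. `exists(ArgNodeEx arg |` with `flowIntoCall(call, arg, p, _, config) and`, and add a comment on the two `...NodeCand1` predicates stating that the limit is now compared against `join(out, config)` alone on the return side and `branch(arg, config)` alone on the argument side. Queries built on this library inherit both effects: the unrestricted edges may raise evaluation cost, and the stricter flow-through condition may remove flows that were reported before, so the change should be run against the existing query tests before it leaves WIP. The enclosing predicates of the `MkStage` hunks begin outside the visible lines.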
