wip: another nested if() test case

2025-12-16 12:03:03 +01:00 · 2023-12-05 19:46:57 -08:00
parent 405b3a0661
commit 301d1ca2f5
2 changed files with 26 additions and 18 deletions
--- a/session/session1.ql
+++ b/session/session1.ql
@@ -44,17 +44,10 @@ predicate setValueTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
    // 1. without sanitizer
    gr.getASuccessor+() = postgr and
    succ.asExpr() = postgr
-    //
-    // 2. with recursive predicate, no sanitizer
-    // recursiveSuccessor(gr, postgr) and
-    // succ.asExpr() = postgr
-    // 3. with recursive predicate, with sanitizer
-    // sanitizerCheckedSuccessor(gr, postgr) and
-    // succ.asExpr() = postgr
  )
 }

-// Def-Use special handling:
+// Def-Use special handling.  Not needed here, but a good example of recursive predicates.
 // - Include sanitizer check when flagging successive object member calls in taint
 //   step.
 // - Stop at
@@ -153,7 +146,6 @@ class CanWriteGuard extends TaintTracking::SanitizerGuardNode, DataFlow::CallNod
    // outcome is the result of the conditional (the true or false branch)
    outcome = true and
    e = this.getReceiver().asExpr()
-    // or e.getASuccessor+() = this.getReceiver().asExpr()
  }
 }