From 09058e48aa6c68858d9e9b70dbad5cb738a79111 Mon Sep 17 00:00:00 2001 From: Anders Schack-Mulligen Date: Tue, 9 Dec 2025 16:30:07 +0100 Subject: [PATCH] Guards: Rename -WithState to Parameterized-. --- .../code/cpp/ir/dataflow/internal/SsaImpl.qll | 4 +- .../controlflow/codeql/controlflow/Guards.qll | 39 +++++++++---------- 2 files changed, 21 insertions(+), 22 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll index 32ce89e2674..8dc3513b444 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll @@ -1064,8 +1064,8 @@ module BarrierGuardWithIntParam { DataFlowIntegrationInput::Guard g, SsaImpl::Definition def, IRGuards::GuardValue val, int indirectionIndex ) { - IRGuards::Guards_v1::ValidationWrapperWithState::guardChecksDef(g, def, - val, indirectionIndex) + IRGuards::Guards_v1::ParameterizedValidationWrapper::guardChecksDef(g, + def, val, indirectionIndex) } Node getABarrierNode(int indirectionIndex) { diff --git a/shared/controlflow/codeql/controlflow/Guards.qll b/shared/controlflow/codeql/controlflow/Guards.qll index 0e5cf25fecb..b313afcdb6b 100644 --- a/shared/controlflow/codeql/controlflow/Guards.qll +++ b/shared/controlflow/codeql/controlflow/Guards.qll @@ -1283,36 +1283,35 @@ module Make< signature predicate guardChecksSig(Guard g, Expr e, GuardValue gv); bindingset[this] - signature class StateSig; + signature class ParamSig; - private module WithState { - signature predicate guardChecksSig(Guard g, Expr e, GuardValue gv, State state); + private module WithParam { + signature predicate guardChecksSig(Guard g, Expr e, GuardValue gv, P par); } /** * Extends a `BarrierGuard` input predicate with wrapped invocations. */ module ValidationWrapper { - private predicate guardChecksWithState(Guard g, Expr e, GuardValue gv, Unit state) { - guardChecks0(g, e, gv) and exists(state) + private predicate guardChecksWithParam(Guard g, Expr e, GuardValue gv, Unit par) { + guardChecks0(g, e, gv) and exists(par) } - private module StatefulWrapper = ValidationWrapperWithState; + private module ParameterizedWrapper = + ParameterizedValidationWrapper; /** * Holds if the guard `g` validates the SSA definition `def` upon evaluating to `val`. */ predicate guardChecksDef(Guard g, SsaDefinition def, GuardValue val) { - StatefulWrapper::guardChecksDef(g, def, val, _) + ParameterizedWrapper::guardChecksDef(g, def, val, _) } } /** * Extends a `BarrierGuard` input predicate with wrapped invocations. */ - module ValidationWrapperWithState< - StateSig State, WithState::guardChecksSig/4 guardChecks0> - { + module ParameterizedValidationWrapper::guardChecksSig/4 guardChecks0> { private import WrapperGuard /** @@ -1321,12 +1320,12 @@ module Make< * parameter has been validated by the given guard. */ private predicate validReturnInValidationWrapper( - ReturnExpr ret, ParameterPosition ppos, GuardValue retval, State state + ReturnExpr ret, ParameterPosition ppos, GuardValue retval, P par ) { exists(NonOverridableMethod m, SsaParameterInit param, Guard guard, GuardValue val | m.getAReturnExpr() = ret and param.getParameter() = m.getParameter(ppos) and - guardChecksDef(guard, param, val, state) + guardChecksDef(guard, param, val, par) | guard.valueControls(ret.getBasicBlock(), val) and relevantReturnExprValue(m, ret, retval) @@ -1341,7 +1340,7 @@ module Make< * that the argument has been validated by the given guard. */ private NonOverridableMethod validationWrapper( - ParameterPosition ppos, GuardValue retval, State state + ParameterPosition ppos, GuardValue retval, P par ) { forex(ReturnExpr ret | result.getAReturnExpr() = ret and @@ -1350,12 +1349,12 @@ module Make< disjointValues(notRetval, retval) ) | - validReturnInValidationWrapper(ret, ppos, retval, state) + validReturnInValidationWrapper(ret, ppos, retval, par) ) or exists(SsaParameterInit param, BasicBlock bb, Guard guard, GuardValue val | param.getParameter() = result.getParameter(ppos) and - guardChecksDef(guard, param, val, state) and + guardChecksDef(guard, param, val, par) and guard.valueControls(bb, val) and normalExitBlock(bb) and retval = TException(false) @@ -1365,12 +1364,12 @@ module Make< /** * Holds if the guard `g` validates the expression `e` upon evaluating to `val`. */ - private predicate guardChecks(Guard g, Expr e, GuardValue val, State state) { - guardChecks0(g, e, val, state) + private predicate guardChecks(Guard g, Expr e, GuardValue val, P par) { + guardChecks0(g, e, val, par) or exists(NonOverridableMethodCall call, ParameterPosition ppos, ArgumentPosition apos | g = call and - call.getMethod() = validationWrapper(ppos, val, state) and + call.getMethod() = validationWrapper(ppos, val, par) and call.getArgument(apos) = e and parameterMatch(pragma[only_bind_out](ppos), pragma[only_bind_out](apos)) ) @@ -1379,9 +1378,9 @@ module Make< /** * Holds if the guard `g` validates the SSA definition `def` upon evaluating to `val`. */ - predicate guardChecksDef(Guard g, SsaDefinition def, GuardValue val, State state) { + predicate guardChecksDef(Guard g, SsaDefinition def, GuardValue val, P par) { exists(Expr e | - guardChecks(g, e, val, state) and + guardChecks(g, e, val, par) and guardReadsSsaVar(e, def) ) }