hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Guards: Push forex-range constraint in.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2025-11-11 12:45:46 +01:00
parent 8624f9c660
commit 0a4406dec9
1 changed files with 24 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
shared/controlflow/codeql/controlflow/Guards.qll
View File

@@ -1024,16 +1024,34 @@ module Make<
ReturnImplies::guardControls(call, val, _, _) ReturnImplies::guardControls(call, val, _, _)
} }
predicate relevantReturnValue(NonOverridableMethod m, GuardValue val) { /**
* Holds if a call to `m` having a return value of `retval` is reachable
* by a chain of implications.
*/
predicate relevantReturnValue(NonOverridableMethod m, GuardValue retval) {
exists(NonOverridableMethodCall call | exists(NonOverridableMethodCall call |
relevantCallValue(call, val) and relevantCallValue(call, retval) and
call.getMethod() = m and call.getMethod() = m and
not val instanceof TException not retval instanceof TException
)
}
/**
* Holds if a call to `m` having a return value of `retval` is reachable
* by a chain of implications, and `ret` is a return expression in `m`
* that could possibly have the value `retval`.
*/
predicate relevantReturnExprValue(NonOverridableMethod m, ReturnExpr ret, GuardValue retval) {
relevantReturnValue(m, retval) and
ret = m.getAReturnExpr() and
not exists(GuardValue notRetval |
exprHasValue(ret, notRetval) and
disjointValues(notRetval, retval)
) )
} }
private predicate returnGuard(Guard guard, GuardValue val) { private predicate returnGuard(Guard guard, GuardValue val) {
relevantReturnValue(guard.(ReturnExpr).getMethod(), val) relevantReturnExprValue(_, guard, val)
} }
module ReturnImplies = ImpliesTC<returnGuard/2>; module ReturnImplies = ImpliesTC<returnGuard/2>;
@@ -1058,7 +1076,7 @@ module Make<
exists(Guard g0, GuardValue v0 | exists(Guard g0, GuardValue v0 |
directlyControlsReturn(g0, v0, ret) and directlyControlsReturn(g0, v0, ret) and
BranchImplies::ssaControls(param, val, g0, v0) and BranchImplies::ssaControls(param, val, g0, v0) and
relevantReturnValue(m, retval) relevantReturnExprValue(m, ret, retval)
) )
or or
ReturnImplies::ssaControls(param, val, ret, retval) ReturnImplies::ssaControls(param, val, ret, retval)
@@ -1166,7 +1184,7 @@ module Make<
guardChecksDef(guard, param, val, state) guardChecksDef(guard, param, val, state)
| |
guard.valueControls(ret.getBasicBlock(), val) and guard.valueControls(ret.getBasicBlock(), val) and
relevantReturnValue(m, retval) relevantReturnExprValue(m, ret, retval)
or or
ReturnImplies::guardControls(guard, val, ret, retval) ReturnImplies::guardControls(guard, val, ret, retval)
) )