C++: remove unused predicates

2026-04-29 02:35:15 +02:00 · 2020-02-04 12:08:03 -08:00
parent 3bfcf0bf46
commit 1576bcfa3f
2 changed files with 2 additions and 34 deletions
--- a/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
@@ -172,7 +172,7 @@ private predicate instructionTaintStep(Instruction i1, Instruction i2) {
    any(CallInstruction call |
      exists(int indexIn |
        modelTaintToReturnValue(call.getStaticCallTarget(), indexIn) and
-        i1 = DataFlow::getACallArgumentOrIndirection(call, indexIn)
+        i1 = getACallArgumentOrIndirection(call, indexIn)
      )
    )
  or
@@ -185,7 +185,7 @@ private predicate instructionTaintStep(Instruction i1, Instruction i2) {
    any(WriteSideEffectInstruction outNode |
      exists(CallInstruction call, int indexIn, int indexOut |
        modelTaintToParameter(call.getStaticCallTarget(), indexIn, indexOut) and
-        i1 = DataFlow::getACallArgumentOrIndirection(call, indexIn) and
+        i1 = getACallArgumentOrIndirection(call, indexIn) and
        outNode.getIndex() = indexOut and
        outNode.getPrimaryInstruction() = call
      )
--- a/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
@@ -337,38 +337,6 @@ private predicate modelFlow(Instruction iFrom, Instruction iTo) {
  )
 }

-/**
- * Get an instruction that goes into argument `argumentIndex` of `call`. This
- * can be either directly or through one pointer indirection.
- */
-Instruction getACallArgumentOrIndirection(CallInstruction call, int argumentIndex) {
-  result = call.getPositionalArgument(argumentIndex)
-  or
-  exists(ReadSideEffectInstruction readSE |
-    // TODO: why are read side effect operands imprecise?
-    result = readSE.getSideEffectOperand().getAnyDef() and
-    readSE.getPrimaryInstruction() = call and
-    readSE.getIndex() = argumentIndex
-  )
-}
-
-private predicate modelFlowToParameter(Function f, int parameterIn, int parameterOut) {
-  exists(FunctionInput modelIn, FunctionOutput modelOut |
-    f.(DataFlowFunction).hasDataFlow(modelIn, modelOut) and
-    (modelIn.isParameter(parameterIn) or modelIn.isParameterDeref(parameterIn)) and
-    modelOut.isParameterDeref(parameterOut)
-  )
-}
-
-private predicate modelFlowToReturnValue(Function f, int parameterIn) {
-  // Data flow from parameter to return value
-  exists(FunctionInput modelIn, FunctionOutput modelOut |
-    f.(DataFlowFunction).hasDataFlow(modelIn, modelOut) and
-    (modelIn.isParameter(parameterIn) or modelIn.isParameterDeref(parameterIn)) and
-    (modelOut.isReturnValue() or modelOut.isReturnValueDeref())
-  )
-}
-
 /**
 * Holds if data flows from `source` to `sink` in zero or more local
 * (intra-procedural) steps.