Delete WriteNode.writesFieldOnSsaWithFields

This can be easily expressed in terms of `WriteNode.writesFieldPreUpdate`.
2025-12-17 01:03:14 +01:00 · 2025-09-25 17:09:08 +01:00
parent 489b8431ea
commit 2ffb638b7e
6 changed files with 6 additions and 13 deletions
--- a/go/ql/lib/semmle/go/controlflow/ControlFlowGraph.qll
+++ b/go/ql/lib/semmle/go/controlflow/ControlFlowGraph.qll
@@ -165,13 +165,6 @@ module ControlFlow {
      this.writesFieldInsn(base.asInstruction(), f, rhs.asInstruction())
    }
    /**
     * Holds if this node sets the value of field `f` on `v` to `rhs`.
     */
    predicate writesFieldOnSsaWithFields(SsaWithFields v, Field f, DataFlow::Node rhs) {
      this.writesFieldPreUpdate(v.getAUse(), f, rhs)
    }
    private predicate writesFieldInsn(IR::Instruction base, Field f, IR::Instruction rhs) {
      exists(IR::FieldTarget trg | trg = super.getLhs() |
        (
--- a/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll
@@ -92,7 +92,7 @@ module OpenUrlRedirect {
    PathAssignmentBarrier() {
      exists(Write w, SsaWithFields var |
        hasHostnameSanitizingSubstring(w.getRhs()) and
-        w.writesFieldOnSsaWithFields(var, any(Field f | f.getName() = "Path"), _) and
+        w.writesFieldPreUpdate(var.getAUse(), any(Field f | f.getName() = "Path"), _) and
        useIsDominated(var, w, this)
      )
    }
--- a/go/ql/lib/semmle/go/security/RequestForgery.qll
+++ b/go/ql/lib/semmle/go/security/RequestForgery.qll
@@ -28,7 +28,7 @@ module RequestForgery {
    predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
      // propagate to a URL when its host is assigned to
      exists(Write w, Field f, SsaWithFields v | f.hasQualifiedName("net/url", "URL", "Host") |
-        w.writesFieldOnSsaWithFields(v, f, pred) and
+        w.writesFieldPreUpdate(v.getAUse(), f, pred) and
        succ = v.getAUse()
      )
    }
--- a/go/ql/lib/semmle/go/security/SafeUrlFlow.qll
+++ b/go/ql/lib/semmle/go/security/SafeUrlFlow.qll
@@ -24,7 +24,7 @@ module SafeUrlFlow {
    predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
      // propagate to a URL when its host is assigned to
      exists(Write w, Field f, SsaWithFields v | f.hasQualifiedName("net/url", "URL", "Host") |
-        w.writesFieldOnSsaWithFields(v, f, node1) and
+        w.writesFieldPreUpdate(v.getAUse(), f, node1) and
        node2 = v.getAUse()
      )
    }
--- a/go/ql/src/Security/CWE-322/InsecureHostKeyCallback.ql
+++ b/go/ql/src/Security/CWE-322/InsecureHostKeyCallback.ql
@@ -98,8 +98,8 @@ predicate hostCheckReachesSink(Flow::PathNode sink) {
        Flow::flowPath(source, otherSink) and
        Config::writeIsSink(sink.getNode(), sinkWrite) and
        Config::writeIsSink(otherSink.getNode(), otherSinkWrite) and
-        sinkWrite.writesFieldOnSsaWithFields(sinkAccessPath, _, sink.getNode()) and
+        sinkWrite.writesFieldPreUpdate(sinkAccessPath.getAUse(), _, sink.getNode()) and
-        otherSinkWrite.writesFieldOnSsaWithFields(otherSinkAccessPath, _, otherSink.getNode()) and
+        otherSinkWrite.writesFieldPreUpdate(otherSinkAccessPath.getAUse(), _, otherSink.getNode()) and
        otherSinkAccessPath = sinkAccessPath.similar()
      )
    )
--- a/go/ql/src/experimental/CWE-918/SSRF.qll
+++ b/go/ql/src/experimental/CWE-918/SSRF.qll
@@ -23,7 +23,7 @@ module ServerSideRequestForgery {
    predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
      // propagate to a URL when its host is assigned to
      exists(Write w, Field f, SsaWithFields v | f.hasQualifiedName("net/url", "URL", "Host") |
-        w.writesFieldOnSsaWithFields(v, f, node1) and
+        w.writesFieldPreUpdate(v.getAUse(), f, node1) and
        node2 = v.getAUse()
      )
    }