hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Fix bad join order in AliasedSSA::getResultMemoryLocation.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2020-11-19 17:40:41 +01:00
parent cd20163f6e
commit 490bba5c9f
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll
View File

@@ -566,6 +566,9 @@ private Overlap getVariableMemoryLocationOverlap(
use.getEndBitOffset())
}
bindingset[result, b]
private boolean unbindBool(boolean b) { result != b.booleanNot() }
MemoryLocation getResultMemoryLocation(Instruction instr) {
exists(MemoryAccessKind kind, boolean isMayAccess |
kind = instr.getResultMemoryAccess() and
@@ -578,7 +581,8 @@ MemoryLocation getResultMemoryLocation(Instruction instr) {
exists(Allocation var, IRType type, IntValue startBitOffset, IntValue endBitOffset |
hasResultMemoryAccess(instr, var, type, _, startBitOffset, endBitOffset, isMayAccess) and
result =
TVariableMemoryLocation(var, type, _, startBitOffset, endBitOffset, isMayAccess)
TVariableMemoryLocation(var, type, _, startBitOffset, endBitOffset,
unbindBool(isMayAccess))
)
else result = TUnknownMemoryLocation(instr.getEnclosingIRFunction(), isMayAccess)
)
@@ -586,7 +590,7 @@ MemoryLocation getResultMemoryLocation(Instruction instr) {
kind instanceof EntireAllocationMemoryAccess and
result =
TEntireAllocationMemoryLocation(getAddressOperandAllocation(instr.getResultAddressOperand()),
isMayAccess)
unbindBool(isMayAccess))
or
kind instanceof EscapedMemoryAccess and
result = TAllAliasedMemory(instr.getEnclosingIRFunction(), isMayAccess, false)