use GVN to find detect when the alert-location is used as a link

2026-04-22 15:25:18 +02:00 · 2022-09-22 14:42:08 +02:00
parent afdd7b0994
commit 609ed709e2
1 changed files with 7 additions and 3 deletions
--- a/ql/ql/src/queries/style/AlertMessage.ql
+++ b/ql/ql/src/queries/style/AlertMessage.ql
@@ -185,12 +185,16 @@ String doubleWhitespace(Select sel) {
  result.getValue().regexpMatch(".*\\s\\s.*")
 }

+import codeql.GlobalValueNumbering as GVN
+
 /**
 * Gets an expression that repeats the alert-loc as a link.
 */
-VarAccess getAlertLocLink(Select sel) {
-  // TODO: Get this to work with GVN. I got an infinite loop when I tried.
-  result = sel.getExpr(0).(VarAccess).getDeclaration().getAnAccess() and
+AstNode getAlertLocLink(Select sel) {
+  exists(GVN::ValueNumber vn |
+    result = vn.getAnExpr() and
+    sel.getExpr(0) = vn.getAnExpr()
+  ) and
  exists(int msgIndex | sel.getExpr(msgIndex) = sel.getMessage() |
    result = sel.getExpr(any(int i | i > msgIndex))
  )