hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Chris Smowton <smowton@github.com>
This commit is contained in:
Owen Mansel-Chan
2021-02-03 14:31:34 +00:00
committed by Owen Mansel-Chan
parent 5ec25de1fc
commit 760d89b0d3
2 changed files with 9 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ql/src/semmle/go/controlflow/IR.qll
View File

@@ -905,6 +905,7 @@ module IR {
ReturnInstruction() { this = MkReturnNode(ret) }
/** Gets the corresponding `ReturnStmt`. */
ReturnStmt getReturnStmt() { result = ret }
/** Holds if this statement returns multiple results. */

15
ql/src/semmle/go/dataflow/internal/DataFlowUtil.qll
View File

@@ -1367,14 +1367,15 @@ private predicate mustPassConstantCaseTestToReach(IR::ReturnInstruction ret, Exp
/**
* Holds if whenever `outp` of function `f` satisfies `p`, the input `inp` of
* `f` was compared to a constant in a case clause of a switch statement.
* `f` matched a constant in a case clause of a switch statement.
*
* We check this by looking for guards on `inp` that dominate a `return` statement that
* is the only `return` in `f` that can return `true`. This means that if `f` returns `true`,
* the guard must have been satisfied. (Similar reasoning is applied for statements returning
* `false`, `nil` or a non-`nil` value.)
* We check this by looking for guards on `inp` that collectively dominate a
* `return` statement that is the only `return` in `f` that can return `true`.
* This means that if `f` returns `true`, one of the guards must have been
* satisfied. (Similar reasoning is applied for statements returning `false`,
* `nil` or a non-`nil` value.)
*/
predicate isListOfConstantsComparisonUsingFunctionSwitch(
predicate functionEnsuresInputIsConstant(
Function f, FunctionInput inp, FunctionOutput outp, DataFlow::Property p
) {
outp.isResult(_) and
@@ -1431,7 +1432,7 @@ class ListOfConstantsComparisonSanitizerGuard extends TaintTracking::DefaultTain
Function f, FunctionInput inp, FunctionOutput outp, DataFlow::CallNode call,
DataFlow::Property p, DataFlow::Node res
|
isListOfConstantsComparisonUsingFunctionSwitch(f, inp, outp, p) and
functionEnsuresInputIsConstant(f, inp, outp, p) and
call = f.getACall() and
guardedExpr = inp.getNode(call) and
p.checkOn(this, outcome, res) and