From d942a3b54ae8c6417de8b012c9c8bbded2ef021d Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen <mathiasvp@github.com>
Date: Wed, 26 Feb 2020 10:21:27 +0100
Subject: [PATCH 1/2] C++: Change definition of isChiForAllAliasedMemory to
 recurse through inexact PhiInstructions

---
 cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll b/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
index 638e0e0269c..c5f58e81a19 100644
--- a/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
@@ -275,7 +275,7 @@ private predicate isChiForAllAliasedMemory(Instruction instr) {
   or
   isChiForAllAliasedMemory(instr.(ChiInstruction).getTotal())
   or
-  isChiForAllAliasedMemory(instr.(PhiInstruction).getAnInput())
+  isChiForAllAliasedMemory(instr.(PhiInstruction).getAnInputOperand().getAnyDef() )
 }
 
 private predicate modelTaintToReturnValue(Function f, int parameterIn) {

From 1bee0ffe3b20ca766b11cc080da0adffc56ace16 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen <mathiasvp@github.com>
Date: Wed, 26 Feb 2020 12:09:21 +0100
Subject: [PATCH 2/2] C++: Autoformat

---
 cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll b/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
index c5f58e81a19..34251d0805b 100644
--- a/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
@@ -275,7 +275,7 @@ private predicate isChiForAllAliasedMemory(Instruction instr) {
   or
   isChiForAllAliasedMemory(instr.(ChiInstruction).getTotal())
   or
-  isChiForAllAliasedMemory(instr.(PhiInstruction).getAnInputOperand().getAnyDef() )
+  isChiForAllAliasedMemory(instr.(PhiInstruction).getAnInputOperand().getAnyDef())
 }
 
 private predicate modelTaintToReturnValue(Function f, int parameterIn) {