Add similar predicate to SsaWithFields

ql/src/Security/CWE-601/BadRedirectCheck.ql

@@ -141,15 +141,6 @@ predicate isBadRedirectCheckOrWrapper(DataFlow::Node check, SsaWithFields v) {
   )
 }
 
-/**
- * Gets an SSA-with-fields variable that is similar to `v` in the sense that it has the same
- * root variable and the same sequence of field accesses.
- */
-SsaWithFields similar(SsaWithFields v) {
-  result.getBaseVariable().getSourceVariable() = v.getBaseVariable().getSourceVariable() and
-  result.getQualifiedName() = v.getQualifiedName()
-}
-
 /**
  * Holds if `check` checks that `v` has a leading slash, but not whether it has another slash or a
  * backslash in its second position.
@@ -161,8 +152,8 @@ predicate isBadRedirectCheck(DataFlow::Node check, SsaWithFields v) {
   // (we allow those checks to be on variables that are most likely equivalent to `v`
   // to rule out false positives due to minor variations in data flow)
   not (
-    isCheckedForSecondSlash(similar(v)) and
-    isCheckedForSecondBackslash(similar(v))
+    isCheckedForSecondSlash(v.similar()) and
+    isCheckedForSecondBackslash(v.similar())
   )
 }
 

ql/src/semmle/go/dataflow/SSA.qll

@@ -352,6 +352,15 @@ class SsaWithFields extends TSsaWithFields {
     exists(SsaWithFields base, Field f | this = TStep(base, f) | result = base + "." + f.getName())
   }
 
+  /**
+   * Gets an SSA-with-fields variable that is similar to this SSA-with-fields variable in the
+   * sense that it has the same root variable and the same sequence of field accesses.
+   */
+  SsaWithFields similar() {
+    result.getBaseVariable().getSourceVariable() = this.getBaseVariable().getSourceVariable() and
+    result.getQualifiedName() = this.getQualifiedName()
+  }
+
   /**
    * Gets the qualified name of the source variable or variable and fields that this represents.
    *