C#: Rank summaries and source code such that only one is used.

2026-04-28 02:05:14 +02:00 · 2022-05-22 15:14:19 +02:00
parent 5119de8d22
commit 9f611d79ac
2 changed files with 19 additions and 4 deletions
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
@@ -83,13 +83,26 @@ newtype TReturnKind =
    )
  }

+/**
+ * Holds if the summary for `c` should be used for dataflow analysis.
+ */
+predicate useFlowSummary(FlowSummary::SummarizedCallable c) {
+  not c.fromSource()
+  or
+  c.fromSource() and not c.isAutoGenerated()
+}
+
 private module Cached {
+  /**
+   * The following heuristic is used to rank when to use source code or when to use summaries for DataFlowCallables.
+   * 1. Use hand written summaries.
+   * 2. Use source code.
+   * 3. Use auto generated summaries.
+   */
  cached
  newtype TDataFlowCallable =
-    TDotNetCallable(DotNet::Callable c) {
-      c.isUnboundDeclaration() and not c instanceof FlowSummary::SummarizedCallable
-    } or
-    TSummarizedCallable(FlowSummary::SummarizedCallable c)
+    TDotNetCallable(DotNet::Callable c) { c.isUnboundDeclaration() and not useFlowSummary(c) } or
+    TSummarizedCallable(FlowSummary::SummarizedCallable c) { useFlowSummary(c) }

  cached
  newtype TDataFlowCall =
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
@@ -743,9 +743,11 @@ private module Cached {
      FlowSummaryImpl::Public::SummarizedCallable c,
      FlowSummaryImpl::Private::SummaryNodeState state
    ) {
+      useFlowSummary(c) and
      FlowSummaryImpl::Private::summaryNodeRange(c, state)
    } or
    TSummaryParameterNode(FlowSummaryImpl::Public::SummarizedCallable c, ParameterPosition pos) {
+      useFlowSummary(c) and
      FlowSummaryImpl::Private::summaryParameterNodeRange(c, pos)
    } or
    TParamsArgumentNode(ControlFlow::Node callCfn) {