From be6c122b27378b7d53c17d10d2acf3691be2b965 Mon Sep 17 00:00:00 2001
From: Erik Krogh Kristensen
Date: Thu, 24 Mar 2022 16:30:52 +0100
Subject: [PATCH 1/4] improve the join order of getAClassReference
---
 .../ql/lib/semmle/javascript/dataflow/Nodes.qll | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
index c0a47d39d83..b94e13b21e1 100644
--- a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
@@ -786,6 +786,8 @@ class MemberKind extends string {
 predicate isAccessor() { this = MemberKind::accessor() }
 }

+private import internal.StepSummary
+
 module MemberKind {
 /** Gets the kind of a method, such as `m() {}` */
 MemberKind method() { result = "method" }
@@ -960,7 +962,16 @@ class ClassNode extends DataFlow::SourceNode instanceof ClassNode::Range {
 result.getAstNode().getFile() = this.getAstNode().getFile()
 )
 or
- exists(DataFlow::TypeTracker t2 | result = this.getAClassReference(t2).track(t2, t))
+ result = getAClassReferenceStep(t)
+ }
+
+ pragma[noopt]
+ private DataFlow::SourceNode getAClassReferenceStep(DataFlow::TypeTracker t) {
+ exists(DataFlow::TypeTracker t2, StepSummary summary, DataFlow::SourceNode prev |
+ prev = this.getAClassReference(t2) and
+ StepSummary::step(prev, result, summary) and
+ t2 = t.append(summary)
+ )
 }

 /**
From cebba05b8b2347957606e16540319ae9ee3e5311 Mon Sep 17 00:00:00 2001
From: Erik Krogh Kristensen
Date: Tue, 29 Mar 2022 12:44:48 +0200
Subject: [PATCH 2/4] rename getAClassReferenceStep to getAClassReferenceRec
---
 javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
index b94e13b21e1..4097b29083d 100644
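Review bot: In patch 1/4, hunk `@@ -786,6 +786,8 @@`, `private import internal.StepSummary` is placed between `class MemberKind` and `module MemberKind`, several hundred lines into Nodes.qll. An import in the middle of the file is easy to overlook when checking what this library depends on. I would move it next to the file's other imports at the top; those are outside this hunk, so confirm where they sit.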
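Review bot: In patch 1/4, hunk `@@ -960,7 +962,16 @@`, the new `getAClassReferenceStep` binds `t2 = t.append(summary)`, which extends the wrong tracker for a hand-inlined `track(t2, t)`: `prev` is the node reached with `t2`, so the constraint should read `t = t2.append(summary)`. Patch 4/4 makes exactly that correction, so commits 1/4 to 3/4 give `getAClassReference` different results and are better squashed than merged as separate bisectable commits. Security queries that resolve class references through this predicate would change their results without any visible error while the direction is wrong. Since `pragma[noopt]` makes the written order the evaluation order, I would also add a comment above the predicate such as `// Manually inlined prev.track(t2, t) to control the join order: t is t2 extended by summary.`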
--- a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
@@ -962,11 +962,11 @@ class ClassNode extends DataFlow::SourceNode instanceof ClassNode::Range {
 result.getAstNode().getFile() = this.getAstNode().getFile()
 )
 or
- result = getAClassReferenceStep(t)
+ result = getAClassReferenceRec(t)
 }

 pragma[noopt]
- private DataFlow::SourceNode getAClassReferenceStep(DataFlow::TypeTracker t) {
+ private DataFlow::SourceNode getAClassReferenceRec(DataFlow::TypeTracker t) {
 exists(DataFlow::TypeTracker t2, StepSummary summary, DataFlow::SourceNode prev |
 prev = this.getAClassReference(t2) and
 StepSummary::step(prev, result, summary) and
From 090c5c39f6179ccd866db1267849b94576262392 Mon Sep 17 00:00:00 2001
From: Erik Krogh Kristensen
Date: Tue, 29 Mar 2022 13:24:10 +0200
Subject: [PATCH 3/4] add explicit this
---
 javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
index 4097b29083d..b6cf17812b9 100644
--- a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
@@ -962,7 +962,7 @@ class ClassNode extends DataFlow::SourceNode instanceof ClassNode::Range {
 result.getAstNode().getFile() = this.getAstNode().getFile()
 )
 or
- result = getAClassReferenceRec(t)
+ result = this.getAClassReferenceRec(t)
 }

 pragma[noopt]
From 48ef3b106f8e960920efa9273117a66efc65efa1 Mon Sep 17 00:00:00 2001
From: Erik Krogh Kristensen
Date: Tue, 29 Mar 2022 23:39:22 +0200
Subject: [PATCH 4/4] fix mistake in inlining
---
 javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
index b6cf17812b9..dbf42435613 100644
--- a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
@@ -970,7 +970,7 @@ class ClassNode extends DataFlow::SourceNode instanceof ClassNode::Range {
 exists(DataFlow::TypeTracker t2, StepSummary summary, DataFlow::SourceNode prev |
 prev = this.getAClassReference(t2) and
 StepSummary::step(prev, result, summary) and
- t2 = t.append(summary)
+ t = t2.append(summary)
 )
 }
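Review bot: No test accompanies the corrected line `t = t2.append(summary)` in patch 4/4, although it changes which nodes `getAClassReference` returns: the diffstat lists only Nodes.qll, with no test or expected-output file. The earlier direction passed three commits unnoticed, which suggests the existing tests do not exercise a class reference that needs more than one tracking step, though tests may live elsewhere in the pull request. I would add a library test where a class flows through a call return or a property read before it is instantiated, and check the expected `getAClassReference()` results. The predicate's signature and `pragma[noopt]` line sit above this hunk, so the note applies to the body of `getAClassReferenceRec` as a whole.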