From a78c35b95ea39df22e8f62386e452602d3d8a03e Mon Sep 17 00:00:00 2001
From: Sauyon Lee
Date: Thu, 5 Nov 2020 21:38:52 -0800
Subject: [PATCH] Simplify net/http ResponseBody logic
---
 ql/src/semmle/go/frameworks/stdlib/NetHttp.qll | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/ql/src/semmle/go/frameworks/stdlib/NetHttp.qll b/ql/src/semmle/go/frameworks/stdlib/NetHttp.qll
index bd406400cb4..830e47f3c7e 100644
--- a/ql/src/semmle/go/frameworks/stdlib/NetHttp.qll
+++ b/ql/src/semmle/go/frameworks/stdlib/NetHttp.qll
@@ -145,16 +145,10 @@ module NetHttp {
 responseWriter = call.(DataFlow::MethodCallNode).getReceiver()
 )
 or
- exists(
- TaintTracking::FunctionModel model, FunctionOutput modelOutput, FunctionInput modelInput,
- DataFlow::CallNode call
- |
+ exists(TaintTracking::FunctionModel model |
 // A modelled function conveying taint from some input to the response writer,
 // e.g. `io.Copy(responseWriter, someTaintedReader)`
- call = model.getACall() and
- model.hasTaintFlow(modelInput, modelOutput) and
- this = modelInput.getNode(call) and
- responseWriter = modelOutput.getNode(call).(DataFlow::PostUpdateNode).getPreUpdateNode() and
+ model.taintStep(this, responseWriter) and
 responseWriter.getType().implements("net/http", "ResponseWriter")
 )
 }
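Review bot: The rewritten `exists` binds `responseWriter` to whatever node `model.taintStep` reports as its successor, whereas the removed lines took the model's output node and explicitly unwrapped it with `.(DataFlow::PostUpdateNode).getPreUpdateNode()`. Unless `taintStep` already yields the pre-update node (its definition is not visible in this hunk), `responseWriter` now denotes a different data-flow node for calls like `io.Copy(responseWriter, someTaintedReader)`, and anything matching on it could stop recognising these response-body writes, which would surface as missing results rather than as an error. If the pre-update node is still what consumers expect, add `DataFlow::PostUpdateNode post` to the `exists` declarations and write `model.taintStep(this, post) and responseWriter = post.getPreUpdateNode() and`; otherwise a one-line comment stating that the post-update node is intended would settle it. The enclosing predicate begins above the hunk, so how `responseWriter` is consumed cannot be checked from here.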