diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll b/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll index f681e90aa21..3eacc21f356 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll @@ -244,4 +244,20 @@ module Consistency { not callable = viableCallable(call) and not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable) } + + query predicate uniqueParameterNodeAtPosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and + msg = "Parameters with overlapping positions." + } + + query predicate uniqueParameterNodePosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and + msg = "Parameter node with multiple positions." + } } diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll index f681e90aa21..3eacc21f356 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll @@ -244,4 +244,20 @@ module Consistency { not callable = viableCallable(call) and not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable) } + + query predicate uniqueParameterNodeAtPosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and + msg = "Parameters with overlapping positions." + } + + query predicate uniqueParameterNodePosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and + msg = "Parameter node with multiple positions." + } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll index f681e90aa21..3eacc21f356 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll @@ -244,4 +244,20 @@ module Consistency { not callable = viableCallable(call) and not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable) } + + query predicate uniqueParameterNodeAtPosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and + msg = "Parameters with overlapping positions." + } + + query predicate uniqueParameterNodePosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and + msg = "Parameter node with multiple positions." + } } diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected index 8c15a1cbcb9..948a1ed7cf9 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected @@ -93,3 +93,5 @@ postWithInFlow | test.cpp:499:4:499:4 | p [inner post update] | PostUpdateNode should not be the target of local flow. | | test.cpp:505:35:505:35 | x [inner post update] | PostUpdateNode should not be the target of local flow. | viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected index ea2f4ae0d29..90e2d6f31d5 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected @@ -637,3 +637,5 @@ postWithInFlow | true_upon_entry.cpp:101:18:101:18 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. | | true_upon_entry.cpp:102:5:102:5 | x [post update] | PostUpdateNode should not be the target of local flow. | viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/cpp/ql/test/library-tests/dataflow/fields/dataflow-consistency.expected b/cpp/ql/test/library-tests/dataflow/fields/dataflow-consistency.expected index 8a9e15049fc..e8d3ee839dc 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/dataflow-consistency.expected +++ b/cpp/ql/test/library-tests/dataflow/fields/dataflow-consistency.expected @@ -158,3 +158,5 @@ postWithInFlow | struct_init.c:24:11:24:12 | ab [inner post update] | PostUpdateNode should not be the target of local flow. | | struct_init.c:36:17:36:24 | nestedAB [inner post update] | PostUpdateNode should not be the target of local flow. | viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected b/cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected index c1b3d0c66b7..7841e662585 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected +++ b/cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected @@ -1326,3 +1326,5 @@ postWithInFlow | struct_init.c:46:16:46:24 | pointerAB [post update] | PostUpdateNode should not be the target of local flow. | | struct_init.c:46:16:46:24 | pointerAB [post update] | PostUpdateNode should not be the target of local flow. | viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.expected b/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.expected index 1980b113311..3c0812213c3 100644 --- a/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.expected +++ b/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.expected @@ -127,3 +127,5 @@ postWithInFlow | static_init_templates.cpp:21:2:21:4 | val [post update] | PostUpdateNode should not be the target of local flow. | | try_catch.cpp:7:8:7:8 | call to exception | PostUpdateNode should not be the target of local flow. | viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected b/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected index 26abe41c33f..e8b6e1048c6 100644 --- a/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected +++ b/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected @@ -2713,3 +2713,7 @@ postWithInFlow | whilestmt.c:40:7:40:7 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. | | whilestmt.c:42:7:42:7 | VariableAddress [post update] | PostUpdateNode should not be the target of local flow. | viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +| ir.cpp:724:6:724:13 | TryCatch | 0 | ir.cpp:735:22:735:22 | *s | Parameters with overlapping positions. | +| ir.cpp:724:6:724:13 | TryCatch | 0 | ir.cpp:738:24:738:24 | *e | Parameters with overlapping positions. | +uniqueParameterNodePosition diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplConsistency.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplConsistency.qll index f681e90aa21..3eacc21f356 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplConsistency.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplConsistency.qll @@ -244,4 +244,20 @@ module Consistency { not callable = viableCallable(call) and not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable) } + + query predicate uniqueParameterNodeAtPosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and + msg = "Parameters with overlapping positions." + } + + query predicate uniqueParameterNodePosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and + msg = "Parameter node with multiple positions." + } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll index f681e90aa21..3eacc21f356 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll @@ -244,4 +244,20 @@ module Consistency { not callable = viableCallable(call) and not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable) } + + query predicate uniqueParameterNodeAtPosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and + msg = "Parameters with overlapping positions." + } + + query predicate uniqueParameterNodePosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and + msg = "Parameter node with multiple positions." + } } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplConsistency.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplConsistency.qll index f681e90aa21..3eacc21f356 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplConsistency.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplConsistency.qll @@ -244,4 +244,20 @@ module Consistency { not callable = viableCallable(call) and not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable) } + + query predicate uniqueParameterNodeAtPosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and + msg = "Parameters with overlapping positions." + } + + query predicate uniqueParameterNodePosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and + msg = "Parameter node with multiple positions." + } } diff --git a/python/ql/test/experimental/dataflow/basic/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/basic/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/basic/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/basic/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/calls/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/calls/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/calls/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/calls/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/consistency/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/consistency/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/consistency/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/consistency/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/coverage/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/coverage/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/coverage/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/coverage/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/fieldflow/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/fieldflow/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/fieldflow/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/fieldflow/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/global-flow/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/global-flow/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/global-flow/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/global-flow/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/match/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/match/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/match/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/match/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/pep_328/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/pep_328/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/pep_328/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/pep_328/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/regression/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/regression/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/regression/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/regression/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/strange-essaflow/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/strange-essaflow/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/strange-essaflow/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/strange-essaflow/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/tainttracking/basic/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/tainttracking/basic/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/tainttracking/basic/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/tainttracking/basic/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/tainttracking/commonSanitizer/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/tainttracking/commonSanitizer/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/tainttracking/commonSanitizer/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/tainttracking/commonSanitizer/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/tainttracking/customSanitizer/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/tainttracking/customSanitizer/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/tainttracking/customSanitizer/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/tainttracking/customSanitizer/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep-py3/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep-py3/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep-py3/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep-py3/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/tainttracking/unwanted-global-flow/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/tainttracking/unwanted-global-flow/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/tainttracking/unwanted-global-flow/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/tainttracking/unwanted-global-flow/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/typetracking/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/typetracking/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/typetracking/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/typetracking/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/experimental/dataflow/variable-capture/dataflow-consistency.expected b/python/ql/test/experimental/dataflow/variable-capture/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/experimental/dataflow/variable-capture/dataflow-consistency.expected +++ b/python/ql/test/experimental/dataflow/variable-capture/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/library-tests/ApiGraphs/py3/dataflow-consistency.expected b/python/ql/test/library-tests/ApiGraphs/py3/dataflow-consistency.expected index 8f4dbd04742..686ddfdb83d 100644 --- a/python/ql/test/library-tests/ApiGraphs/py3/dataflow-consistency.expected +++ b/python/ql/test/library-tests/ApiGraphs/py3/dataflow-consistency.expected @@ -19,3 +19,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/python/ql/test/library-tests/frameworks/django-orm/dataflow-consistency.expected b/python/ql/test/library-tests/frameworks/django-orm/dataflow-consistency.expected index 06a8a168262..78188947e79 100644 --- a/python/ql/test/library-tests/frameworks/django-orm/dataflow-consistency.expected +++ b/python/ql/test/library-tests/frameworks/django-orm/dataflow-consistency.expected @@ -67,3 +67,5 @@ reverseRead argHasPostUpdate postWithInFlow viableImplInCallContextTooLarge +uniqueParameterNodeAtPosition +uniqueParameterNodePosition diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplConsistency.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplConsistency.qll index f681e90aa21..3eacc21f356 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplConsistency.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplConsistency.qll @@ -244,4 +244,20 @@ module Consistency { not callable = viableCallable(call) and not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable) } + + query predicate uniqueParameterNodeAtPosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and + msg = "Parameters with overlapping positions." + } + + query predicate uniqueParameterNodePosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and + msg = "Parameter node with multiple positions." + } } diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll index f681e90aa21..3eacc21f356 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll @@ -244,4 +244,20 @@ module Consistency { not callable = viableCallable(call) and not any(ConsistencyConfiguration c).viableImplInCallContextTooLargeExclude(call, ctx, callable) } + + query predicate uniqueParameterNodeAtPosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and + msg = "Parameters with overlapping positions." + } + + query predicate uniqueParameterNodePosition( + DataFlowCallable c, ParameterPosition pos, Node p, string msg + ) { + isParameterNode(p, c, pos) and + not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and + msg = "Parameter node with multiple positions." + } }