From be2777bc31fad41ca962b6b9ed62ac9a1580a47a Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 28 Jan 2025 18:51:31 +0000 Subject: [PATCH] C++: Don't infer lambda calls when there is a static dispatch to a source or summary callable. --- .../code/cpp/ir/dataflow/internal/DataFlowPrivate.qll | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll index b373a0a3260..d6b4bb8c86e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll @@ -1339,7 +1339,12 @@ predicate lambdaCreation(Node creation, LambdaCallKind kind, DataFlowCallable c) /** Holds if `call` is a lambda call of kind `kind` where `receiver` is the lambda expression. */ predicate lambdaCall(DataFlowCall call, LambdaCallKind kind, Node receiver) { ( - call.(SummaryCall).getReceiver() = receiver.(FlowSummaryNode).getSummaryNode() or + call.(SummaryCall).getReceiver() = receiver.(FlowSummaryNode).getSummaryNode() + or + // No need to infer a lambda call if we already have a static dispatch target. + // We only need to check this in the disjunct since a `SummaryCall` never + // has a result for `getStaticCallTarget`. + not exists(call.getStaticCallTarget()) and call.asCallInstruction().getCallTargetOperand() = receiver.asOperand() ) and exists(kind)