From 29982fe30e971f69c7d1143f5adb3ec03477696b Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Wed, 30 Aug 2023 13:48:44 +0200 Subject: [PATCH] C#: Do not embed target callable in `TransitiveCapturedCall` --- .../csharp/dataflow/internal/DataFlowDispatch.qll | 11 ++++++----- .../code/csharp/dataflow/internal/DataFlowPrivate.qll | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll index 9f6ff2ce17f..0c57c2cea3b 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll @@ -109,8 +109,8 @@ private module Cached { TExplicitDelegateLikeCall(ControlFlow::Nodes::ElementNode cfn, DelegateLikeCall dc) { cfn.getAstNode() = dc } or - TTransitiveCapturedCall(ControlFlow::Nodes::ElementNode cfn, Callable target) { - transitiveCapturedCallTarget(cfn, target) + TTransitiveCapturedCall(ControlFlow::Nodes::ElementNode cfn) { + transitiveCapturedCallTarget(cfn, _) } or TCilCall(CIL::Call call) { // No need to include calls that are compiled from source @@ -389,11 +389,12 @@ class ExplicitDelegateLikeDataFlowCall extends DelegateDataFlowCall, TExplicitDe */ class TransitiveCapturedDataFlowCall extends DataFlowCall, TTransitiveCapturedCall { private ControlFlow::Nodes::ElementNode cfn; - private Callable target; - TransitiveCapturedDataFlowCall() { this = TTransitiveCapturedCall(cfn, target) } + TransitiveCapturedDataFlowCall() { this = TTransitiveCapturedCall(cfn) } - override DataFlowCallable getARuntimeTarget() { result.asCallable() = target } + override DataFlowCallable getARuntimeTarget() { + transitiveCapturedCallTarget(cfn, result.asCallable()) + } override ControlFlow::Nodes::ElementNode getControlFlowNode() { result = cfn } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll index e7c11557a4c..308df381a12 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll @@ -1564,7 +1564,7 @@ private module OutNodes { additionalCalls = false and call = csharpCall(_, cfn) or additionalCalls = true and - call = TTransitiveCapturedCall(cfn, n.getEnclosingCallable()) + call = TTransitiveCapturedCall(cfn) ) }