diff --git a/ql/lib/semmle/go/controlflow/ControlFlowGraph.qll b/ql/lib/semmle/go/controlflow/ControlFlowGraph.qll index 4bb09adfbad..51e03de3ab7 100644 --- a/ql/lib/semmle/go/controlflow/ControlFlowGraph.qll +++ b/ql/lib/semmle/go/controlflow/ControlFlowGraph.qll @@ -147,7 +147,7 @@ module ControlFlow { } /** - * Holds if this node sets the value of element `idx` on `base` (or its implicit dereference) + * Holds if this node sets the value of element `index` on `base` (or its implicit dereference) * to `rhs`. * * For example, for the assignment `xs[i] = v`, `base` is either the data-flow node diff --git a/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/ql/lib/semmle/go/dataflow/ExternalFlow.qll index f64d74b922b..48872777e82 100644 --- a/ql/lib/semmle/go/dataflow/ExternalFlow.qll +++ b/ql/lib/semmle/go/dataflow/ExternalFlow.qll @@ -190,20 +190,20 @@ predicate summaryModel( } /** Holds if `package` have CSV framework coverage. */ -private predicate relevantPackage(string package) { +private predicate packageHasCsvCoverage(string package) { sourceModel(package, _, _, _, _, _, _, _) or sinkModel(package, _, _, _, _, _, _, _) or summaryModel(package, _, _, _, _, _, _, _, _) } /** - * Holds if `shortpkg` and `longpkg` have CSV framework coverage and `shortpkg` - * is a subpackage of `longpkg`. + * Holds if `package` and `subpkg` have CSV framework coverage and `subpkg` + * is a subpackage of `package`. */ -private predicate packageLink(string shortpkg, string longpkg) { - relevantPackage(shortpkg) and - relevantPackage(longpkg) and - longpkg.prefix(longpkg.indexOf(".")) = shortpkg +private predicate packageHasASubpackage(string package, string subpkg) { + packageHasCsvCoverage(package) and + packageHasCsvCoverage(subpkg) and + subpkg.prefix(subpkg.indexOf(".")) = package } /** @@ -211,7 +211,7 @@ private predicate packageLink(string shortpkg, string longpkg) { * any other package with CSV framework coverage. */ private predicate canonicalPackage(string package) { - relevantPackage(package) and not packageLink(_, package) + packageHasCsvCoverage(package) and not packageHasASubpackage(_, package) } /** @@ -219,9 +219,9 @@ private predicate canonicalPackage(string package) { * subpackage of `package` (or they are the same), and `package` is not a * subpackage of any other package with CSV framework coverage. */ -private predicate canonicalPkgLink(string package, string subpkg) { +private predicate canonicalPackageHasASubpackage(string package, string subpkg) { canonicalPackage(package) and - (subpkg = package or packageLink(package, subpkg)) + (subpkg = package or packageHasASubpackage(package, subpkg)) } /** @@ -230,13 +230,13 @@ private predicate canonicalPkgLink(string package, string subpkg) { * which have CSV framework coverage (including `package` itself). */ predicate modelCoverage(string package, int pkgs, string kind, string part, int n) { - pkgs = strictcount(string subpkg | canonicalPkgLink(package, subpkg)) and + pkgs = strictcount(string subpkg | canonicalPackageHasASubpackage(package, subpkg)) and ( part = "source" and n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, string ext, string output | - canonicalPkgLink(package, subpkg) and + canonicalPackageHasASubpackage(package, subpkg) and sourceModel(subpkg, type, subtypes, name, signature, ext, output, kind) ) or @@ -244,7 +244,7 @@ predicate modelCoverage(string package, int pkgs, string kind, string part, int n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, string ext, string input | - canonicalPkgLink(package, subpkg) and + canonicalPackageHasASubpackage(package, subpkg) and sinkModel(subpkg, type, subtypes, name, signature, ext, input, kind) ) or @@ -252,7 +252,7 @@ predicate modelCoverage(string package, int pkgs, string kind, string part, int n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, string ext, string input, string output | - canonicalPkgLink(package, subpkg) and + canonicalPackageHasASubpackage(package, subpkg) and summaryModel(subpkg, type, subtypes, name, signature, ext, input, output, kind) ) ) diff --git a/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll b/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll index 1e0fa7e6221..c16f3a5075f 100644 --- a/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll +++ b/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll @@ -545,6 +545,10 @@ module Public { abstract predicate isParameterOf(DataFlowCallable c, int i); } + /** + * A summary node which represents a parameter in a function which doesn't + * already have a parameter nodes. + */ class SummarizedParameterNode extends ParameterNode, MkSummarizedParameterNode { DataFlowCallable c; int i; @@ -1085,18 +1089,20 @@ module Public { * A data-flow node representing an index of an array, map, slice or string defined from `range` statement. * * Example: in `i, _ := range y { ... }`, this represents the `Node` that extracts the index from the - * range statement, which will flow to `x`. + * range statement, which will flow to `i`. */ class RangeIndexNode extends Node { DataFlow::Node base; RangeIndexNode() { + // when there is a comma, as in `i, x := range y { ... }` exists(IR::ExtractTupleElementInstruction extract | this.asInstruction() = extract and extract.extractsElement(_, 0) and extract.getBase().(IR::GetNextEntryInstruction).getDomain() = base.asInstruction() ) or + // when there is no comma, as in `i := range y { ... }` not exists(IR::ExtractTupleElementInstruction extract | extract.getBase() = this.asInstruction() ) and