diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll index 6a2f7f2a0e0..3d76de1014e 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll @@ -180,6 +180,8 @@ module MakeImpl Lang> { private predicate stateBarrier = Stage1::stateBarrier/2; + private predicate toNormalSinkNode = Stage1::toNormalSinkNode/1; + private predicate sourceNode = Stage1::sourceNode/2; private predicate sinkNode = Stage1::sinkNode/2; @@ -1770,7 +1772,7 @@ module MakeImpl Lang> { TPathNodeSink(NodeEx node, FlowState state) { exists(PathNodeMid sink | sink.isAtSink() and - node = sink.toNormalSinkNodeEx() and + node = sink.toNormalSinkNode() and state = sink.getState() ) } or @@ -1930,13 +1932,7 @@ module MakeImpl Lang> { /** If this node corresponds to a sink, gets the normal node for that sink. */ pragma[nomagic] - NodeEx toNormalSinkNodeEx() { - exists(Node n | - pragma[only_bind_out](node.asNodeOrImplicitRead()) = n and - (Stage1::isRelevantSink(n) or Stage1::isRelevantSink(n, _)) and - result.asNode() = n - ) - } + NodeEx toNormalSinkNode() { result = toNormalSinkNode(node) } override PathNodeImpl getASuccessorImpl(string label) { // an intermediate step to another intermediate node @@ -2031,7 +2027,7 @@ module MakeImpl Lang> { exists(string model | this.isAtSink() and sinkModel(node, model) and - result.getNodeEx() = this.toNormalSinkNodeEx() and + result.getNodeEx() = this.toNormalSinkNode() and result.getState() = state and if model != "" then label = "Sink:" + model else label = "" ) diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll index 86c8c2b25e1..b2142cfbe83 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll @@ -24,16 +24,15 @@ module MakeImplStage1 Lang> { bindingset[source, sink] predicate isRelevantSourceSinkPair(Node source, Node sink); - predicate isRelevantSink(Node sink, FlowState state); - - predicate isRelevantSink(Node sink); - predicate inBarrier(NodeEx node, FlowState state); predicate outBarrier(NodeEx node, FlowState state); predicate stateBarrier(NodeEx node, FlowState state); + /** If `node` corresponds to a sink, gets the normal node for that sink. */ + NodeEx toNormalSinkNode(NodeEx node); + predicate sourceNode(NodeEx node, FlowState state); predicate sinkNode(NodeEx node, FlowState state); @@ -269,6 +268,16 @@ module MakeImplStage1 Lang> { not stateBarrier(node, state) } + /** If `node` corresponds to a sink, gets the normal node for that sink. */ + pragma[nomagic] + NodeEx toNormalSinkNodeEx(NodeEx node) { + exists(Node n | + pragma[only_bind_out](node.asNodeOrImplicitRead()) = n and + (isRelevantSink(n) or isRelevantSink(n, _)) and + result.asNode() = n + ) + } + /** Provides the relevant barriers for a step from `node1` to `node2`. */ bindingset[node1, node2] private predicate stepFilter(NodeEx node1, NodeEx node2) { @@ -1212,12 +1221,6 @@ module MakeImplStage1 Lang> { private predicate localStateStepNodeCand1Alias = localStateStepNodeCand1/7; module Stage1NoState implements Stage1Output { - predicate isRelevantSink(Node sink, FlowState state) { - SourceSinkFiltering::isRelevantSink(sink, state) - } - - predicate isRelevantSink(Node sink) { SourceSinkFiltering::isRelevantSink(sink) } - predicate inBarrier = inBarrierAlias/2; predicate outBarrier = outBarrierAlias/2; @@ -1241,6 +1244,8 @@ module MakeImplStage1 Lang> { import Stage1 import Stage1Common + predicate toNormalSinkNode = toNormalSinkNodeEx/1; + predicate sourceNode = sourceNodeAlias/2; predicate jumpStepEx = jumpStepExAlias/2;