From d62f41713029af6dc9d593b6ac9ae8ffca497639 Mon Sep 17 00:00:00 2001 From: Sauyon Lee Date: Wed, 29 Sep 2021 08:17:57 -0700 Subject: [PATCH] Remove uses of getEnclosingCallable --- .../semmle/go/security/InsecureRandomnessCustomizations.qll | 4 +--- .../semmle/go/security/UnsafeUnzipSymlinkCustomizations.qll | 2 +- ql/src/RedundantCode/RedundantRecover.ql | 2 +- ql/src/Security/CWE-338/InsecureRandomness.ql | 2 +- 4 files changed, 4 insertions(+), 6 deletions(-) diff --git a/ql/lib/semmle/go/security/InsecureRandomnessCustomizations.qll b/ql/lib/semmle/go/security/InsecureRandomnessCustomizations.qll index e3185b5f3dd..c894afb4123 100644 --- a/ql/lib/semmle/go/security/InsecureRandomnessCustomizations.qll +++ b/ql/lib/semmle/go/security/InsecureRandomnessCustomizations.qll @@ -72,9 +72,7 @@ module InsecureRandomness { */ class PasswordFnSink extends Sink { PasswordFnSink() { - this.getEnclosingCallable() - .getName() - .regexpMatch("(?i).*(gen(erate)?|salt|make|mk)Password.*") + this.getRoot().(FuncDef).getName().regexpMatch("(?i).*(gen(erate)?|salt|make|mk)Password.*") } override string getKind() { result = "a password-related function" } diff --git a/ql/lib/semmle/go/security/UnsafeUnzipSymlinkCustomizations.qll b/ql/lib/semmle/go/security/UnsafeUnzipSymlinkCustomizations.qll index 020d9a323ef..ebd413a629c 100644 --- a/ql/lib/semmle/go/security/UnsafeUnzipSymlinkCustomizations.qll +++ b/ql/lib/semmle/go/security/UnsafeUnzipSymlinkCustomizations.qll @@ -86,7 +86,7 @@ module UnsafeUnzipSymlink { * Gets a `CallNode` that may call `node`'s enclosing function. */ private DataFlow::CallNode getACaller(DataFlow::CallNode node) { - result.getACallee() = node.getEnclosingCallable() + result.getACallee().getFuncDef() = node.getRoot() } /** diff --git a/ql/src/RedundantCode/RedundantRecover.ql b/ql/src/RedundantCode/RedundantRecover.ql index e34ad4dda69..d2138068515 100644 --- a/ql/src/RedundantCode/RedundantRecover.ql +++ b/ql/src/RedundantCode/RedundantRecover.ql @@ -20,7 +20,7 @@ predicate isDeferred(DataFlow::CallNode call) { from DataFlow::CallNode recoverCall, FuncDef f, string msg where recoverCall.getTarget() = Builtin::recover() and - f = recoverCall.getEnclosingCallable().getFuncDef() and + f = recoverCall.getRoot() and ( isDeferred(recoverCall) and msg = "Deferred calls to 'recover' have no effect." diff --git a/ql/src/Security/CWE-338/InsecureRandomness.ql b/ql/src/Security/CWE-338/InsecureRandomness.ql index e843116b12a..37ec1c21655 100644 --- a/ql/src/Security/CWE-338/InsecureRandomness.ql +++ b/ql/src/Security/CWE-338/InsecureRandomness.ql @@ -24,7 +24,7 @@ where sink = min(DataFlow::PathNode sink2, int line | cfg.hasFlowPath(_, sink2) and - sink2.getNode().getEnclosingCallable() = sink.getNode().getEnclosingCallable() and + sink2.getNode().getRoot() = sink.getNode().getRoot() and sink2.hasLocationInfo(_, line, _, _, _) | sink2 order by line