From dcb98ab5a1cee23e40e4b39ac4b60288e6d71737 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen <mapeder@microsoft.com>
Date: Thu, 27 Mar 2025 18:01:28 +0000
Subject: [PATCH] PS: Don't include the this parameter in getParameter.

---
 .../powershell/ast/internal/ScriptBlock.qll   | 10 +++++---
 .../internal/ControlFlowGraphImpl.qll         | 24 +++++++++++++++++++
 2 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/powershell/ql/lib/semmle/code/powershell/ast/internal/ScriptBlock.qll b/powershell/ql/lib/semmle/code/powershell/ast/internal/ScriptBlock.qll
index ad71dd42426..343cd8927f1 100644
--- a/powershell/ql/lib/semmle/code/powershell/ast/internal/ScriptBlock.qll
+++ b/powershell/ql/lib/semmle/code/powershell/ast/internal/ScriptBlock.qll
@@ -79,6 +79,9 @@ class ScriptBlock extends Ast, TScriptBlock {
       result = this.getParameter(index)
     )
     or
+    i = ThisVar() and
+    result = this.getThisParameter()
+    or
     exists(int index |
       i = scriptBlockUsing(index) and
       result = this.getUsingStmt(index)
@@ -90,13 +93,14 @@ class ScriptBlock extends Ast, TScriptBlock {
     or
     any(Synthesis s).pipelineParameterHasIndex(this, i) and
     synthChild(getRawAst(this), PipelineParamVar(), result)
-    or
-    i = -1 and
-    synthChild(getRawAst(this), ThisVar(), result)
   }
 
+  Parameter getThisParameter() { synthChild(getRawAst(this), ThisVar(), result) }
+
   /**
    * Gets a parameter of this block.
+   *
+   * Note: This does not include the `this` parameter, but it does include pipeline parameters.
    */
   Parameter getAParameter() { result = this.getParameter(_) }
 
diff --git a/powershell/ql/lib/semmle/code/powershell/controlflow/internal/ControlFlowGraphImpl.qll b/powershell/ql/lib/semmle/code/powershell/controlflow/internal/ControlFlowGraphImpl.qll
index 25d0773b0c0..f67a748068e 100644
--- a/powershell/ql/lib/semmle/code/powershell/controlflow/internal/ControlFlowGraphImpl.qll
+++ b/powershell/ql/lib/semmle/code/powershell/controlflow/internal/ControlFlowGraphImpl.qll
@@ -151,6 +151,30 @@ module Trees {
 
     override predicate succ(AstNode pred, AstNode succ, Completion c) {
       this.succEntry(pred, c) and
+      (
+        first(super.getThisParameter(), succ)
+        or
+        not exists(super.getThisParameter()) and
+        first(super.getParameter(0), succ)
+        or
+        not exists(super.getThisParameter()) and
+        not exists(super.getAParameter()) and
+        first(super.getBeginBlock(), succ)
+        or
+        not exists(super.getThisParameter()) and
+        not exists(super.getAParameter()) and
+        not exists(super.getBeginBlock()) and
+        first(super.getProcessBlock(), succ)
+        or
+        not exists(super.getThisParameter()) and
+        not exists(super.getAParameter()) and
+        not exists(super.getBeginBlock()) and
+        not exists(super.getProcessBlock()) and
+        first(super.getEndBlock(), succ)
+      )
+      or
+      last(super.getThisParameter(), pred, c) and
+      completionIsNormal(c) and
       (
         first(super.getParameter(0), succ)
         or