hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Generate SSA variables for all calls instead of just for calls to

Browse Source 
allocators.
This commit is contained in:
Mathias Vorreiter Pedersen
2023-08-07 17:24:59 +01:00
parent 560b876c01
commit e2feed78a0
2 changed files with 5 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll
View File

@@ -193,7 +193,7 @@ abstract private class DefOrUseImpl extends TDefOrUseImpl {
/** /**
* Gets the instruction that computes the base of this definition or use. * Gets the instruction that computes the base of this definition or use.
* This is always a `VariableAddressInstruction` or an `AllocationInstruction`. * This is always a `VariableAddressInstruction` or an `CallInstruction`.
*/ */
abstract BaseSourceVariableInstruction getBase(); abstract BaseSourceVariableInstruction getBase();

17
cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll
View File

@@ -146,14 +146,6 @@ int countIndirectionsForCppType(LanguageType langType) {
) )
} }
/**
* A `CallInstruction` that calls an allocation function such
* as `malloc` or `operator new`.
*/
class AllocationInstruction extends CallInstruction {
AllocationInstruction() { this.getStaticCallTarget() instanceof Cpp::AllocationFunction }
}
private predicate isIndirectionType(Type t) { t instanceof Indirection } private predicate isIndirectionType(Type t) { t instanceof Indirection }
private predicate hasUnspecifiedBaseType(Indirection t, Type base) { private predicate hasUnspecifiedBaseType(Indirection t, Type base) {
@@ -368,7 +360,7 @@ newtype TBaseSourceVariable =
// Each IR variable gets its own source variable // Each IR variable gets its own source variable
TBaseIRVariable(IRVariable var) or TBaseIRVariable(IRVariable var) or
// Each allocation gets its own source variable // Each allocation gets its own source variable
TBaseCallVariable(AllocationInstruction call) TBaseCallVariable(CallInstruction call) { not call.getResultIRType() instanceof IRVoidType }
abstract private class AbstractBaseSourceVariable extends TBaseSourceVariable { abstract private class AbstractBaseSourceVariable extends TBaseSourceVariable {
/** Gets a textual representation of this element. */ /** Gets a textual representation of this element. */
@@ -396,11 +388,11 @@ class BaseIRVariable extends AbstractBaseSourceVariable, TBaseIRVariable {
} }
class BaseCallVariable extends AbstractBaseSourceVariable, TBaseCallVariable { class BaseCallVariable extends AbstractBaseSourceVariable, TBaseCallVariable {
AllocationInstruction call; CallInstruction call;
BaseCallVariable() { this = TBaseCallVariable(call) } BaseCallVariable() { this = TBaseCallVariable(call) }
AllocationInstruction getCallInstruction() { result = call } CallInstruction getCallInstruction() { result = call }
override string toString() { result = call.toString() } override string toString() { result = call.toString() }
@@ -504,8 +496,7 @@ private class BaseIRVariableInstruction extends BaseSourceVariableInstruction,
override BaseIRVariable getBaseSourceVariable() { result.getIRVariable() = this.getIRVariable() } override BaseIRVariable getBaseSourceVariable() { result.getIRVariable() = this.getIRVariable() }
} }
private class BaseAllocationInstruction extends BaseSourceVariableInstruction, AllocationInstruction private class BaseCallInstruction extends BaseSourceVariableInstruction, CallInstruction {
{
override BaseCallVariable getBaseSourceVariable() { result.getCallInstruction() = this } override BaseCallVariable getBaseSourceVariable() { result.getCallInstruction() = this }
} }