JS: Add more overlay[caller?] annotations

2025-12-16 16:53:25 +01:00 · 2025-10-15 11:05:22 +02:00
parent 66febb263d
commit e72232fd1d
10 changed files with 13 additions and 0 deletions
--- a/javascript/ql/lib/semmle/javascript/AST.qll
+++ b/javascript/ql/lib/semmle/javascript/AST.qll
@@ -174,6 +174,7 @@ class AstNode extends @ast_node, NodeInStmtContainer {
   * The TypeScript compiler emits no code for ambient declarations, but they
   * can affect name resolution and type checking at compile-time.
   */
+  overlay[caller?]
  pragma[inline]
  predicate isAmbient() {
    this.isAmbientInternal()
--- a/javascript/ql/lib/semmle/javascript/Locations.qll
+++ b/javascript/ql/lib/semmle/javascript/Locations.qll
@@ -32,6 +32,7 @@ final class Location extends @location_default {
  int getNumLines() { result = this.getEndLine() - this.getStartLine() + 1 }

  /** Holds if this location starts before location `that`. */
+  overlay[caller]
  pragma[inline]
  predicate startsBefore(Location that) {
    exists(string f, int sl1, int sc1, int sl2, int sc2 |
@@ -45,6 +46,7 @@ final class Location extends @location_default {
  }

  /** Holds if this location ends after location `that`. */
+  overlay[caller]
  pragma[inline]
  predicate endsAfter(Location that) {
    exists(string f, int el1, int ec1, int el2, int ec2 |
--- a/javascript/ql/lib/semmle/javascript/Promises.qll
+++ b/javascript/ql/lib/semmle/javascript/Promises.qll
@@ -238,6 +238,7 @@ module PromiseTypeTracking {
   *
   * These type-tracking steps are already included in the default type-tracking steps (through `PreCallGraphStep`).
   */
+  overlay[caller?]
  pragma[inline]
  DataFlow::Node promiseStep(DataFlow::Node pred, StepSummary summary) {
    exists(string field | field = Promises::valueProp() |
@@ -256,6 +257,7 @@ module PromiseTypeTracking {
   * Gets the result from a single step through a promise, from `pred` with tracker `t2` to `result` with tracker `t`.
   * This can be loading a resolved value from a promise, storing a value in a promise, or copying a resolved value from one promise to another.
   */
+  overlay[caller?]
  pragma[inline]
  DataFlow::SourceNode promiseStep(
    DataFlow::SourceNode pred, DataFlow::TypeTracker t, DataFlow::TypeTracker t2
--- a/javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll
@@ -1436,6 +1436,7 @@ module DataFlow {
  /**
   * Gets the data flow node corresponding to `e`.
   */
+  overlay[caller?]
  pragma[inline]
  ExprNode exprNode(Expr e) { result = valueNode(e) }

--- a/javascript/ql/lib/semmle/javascript/dataflow/internal/Contents.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/Contents.qll
@@ -197,6 +197,7 @@ module Public {
   */
  class ContentSet extends TContentSet {
    /** Gets a content that may be stored into when storing into this set. */
+    overlay[caller?]
    pragma[inline]
    Content getAStoreContent() {
      result = this.asSingleton()
--- a/javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
@@ -762,6 +762,7 @@ class ContentApprox extends TContentApprox {
  }
 }

+overlay[global]
 pragma[inline]
 ContentApprox getContentApprox(Content c) {
  c instanceof MkPropertyContent and result = TApproxPropertyContent()
--- a/javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSteps.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSteps.qll
@@ -48,6 +48,7 @@ private predicate legacyPostUpdateStep(DataFlow::Node pred, DataFlow::Node succ)
 * Holds if data can flow in one step from `pred` to `succ`,  taking
 * additional steps from the configuration into account.
 */
+overlay[caller?]
 pragma[inline]
 deprecated predicate localFlowStep(
  DataFlow::Node pred, DataFlow::Node succ, DataFlow::Configuration configuration,
--- a/javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
@@ -96,6 +96,7 @@ module SsaDataflowInput implements DataFlowIntegrationInputSig {
    }
  }

+  overlay[caller?]
  pragma[inline]
  predicate guardDirectlyControlsBlock(Guard guard, js::Cfg::BasicBlock bb, GuardValue branch) {
    exists(js::ConditionGuardNode g |
--- a/javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
@@ -195,6 +195,7 @@ API::Node getExtraSuccessorFromNode(API::Node node, AccessPathTokenBase token) {
 }

 bindingset[node]
+overlay[caller?]
 pragma[inline_late]
 private API::Node getAGuardedRouteHandlerApprox(API::Node node) {
  // For now just get any routing node with the same root (i.e. the same web app), as
@@ -235,6 +236,7 @@ private predicate blockFuzzyCall(DataFlow::CallNode call) {
  isCommonBuiltinMethodName(call.getCalleeName())
 }

+overlay[caller?]
 pragma[inline]
 API::Node getAFuzzySuccessor(API::Node node) {
  result = node.getAMember() and
--- a/javascript/ql/lib/semmle/javascript/internal/StmtContainers.qll
+++ b/javascript/ql/lib/semmle/javascript/internal/StmtContainers.qll
@@ -48,6 +48,7 @@ class NodeInStmtContainer extends Locatable, @node_in_stmt_container {
  /**
   * Gets the function or toplevel to which this node belongs.
   */
+  overlay[caller]
  pragma[inline]
  final StmtContainer getContainer() { result = getStmtContainer(this) }
 }