Always extract ValueEQ/NEExpr for Kotlin ==/!=

I introduce AnyEqualsExpr for either reference or value equality and AnyEqualityTest for the same concept including not-equals operators, and use them wherever the written QL clearly doesn't care about the difference between reference and value comparison, typically because it is concerned with testing against null or against a primitive constant.
2025-12-21 11:16:30 +01:00 · 2022-02-04 16:42:13 +00:00
parent a120fab9f7
commit f95effcf82
27 changed files with 118 additions and 80 deletions
--- a/java/ql/src/Security/CWE/CWE-022/TaintedPathCommon.qll
+++ b/java/ql/src/Security/CWE/CWE-022/TaintedPathCommon.qll
@@ -16,7 +16,7 @@ private predicate inWeakCheck(Expr e) {
  )
  or
  // Checking against `null` has no bearing on path traversal.
-  exists(EqualityTest b | b.getAnOperand() = e | b.getAnOperand() instanceof NullLiteral)
+  exists(AnyEqualityTest b | b.getAnOperand() = e | b.getAnOperand() instanceof NullLiteral)
 }

 // Ignore cases where the variable has been checked somehow,
--- a/java/ql/src/Security/CWE/CWE-681/NumericCastCommon.qll
+++ b/java/ql/src/Security/CWE/CWE-681/NumericCastCommon.qll
@@ -46,7 +46,7 @@ predicate boundedRead(RValue read) {
 }

 predicate castCheck(RValue read) {
-  exists(EqualityTest eq, CastExpr cast |
+  exists(AnyEqualityTest eq, CastExpr cast |
    cast.getExpr() = read and
    eq.hasOperands(cast, read.getVariable().getAnAccess())
  )