mirror of
https://github.com/github/codeql.git
synced 2025-12-16 08:43:11 +01:00
44 lines
1.3 KiB
Plaintext
44 lines
1.3 KiB
Plaintext
import csharp
|
|
private import semmle.code.csharp.dataflow.internal.BaseSSA
|
|
|
|
/** "Naive" def-use implementation. */
|
|
predicate defReaches(
|
|
AssignableDefinition def, BaseSsa::SimpleLocalScopeVariable v, ControlFlow::Node cfn
|
|
) {
|
|
def.getTarget() = v and cfn = def.getExpr().getAControlFlowNode().getASuccessor()
|
|
or
|
|
exists(ControlFlow::Node mid | defReaches(def, v, mid) |
|
|
not mid =
|
|
any(AssignableDefinition ad | ad.getTarget() = v and ad.isCertain())
|
|
.getExpr()
|
|
.getAControlFlowNode() and
|
|
cfn = mid.getASuccessor()
|
|
)
|
|
}
|
|
|
|
predicate defUsePair(AssignableDefinition def, AssignableRead read) {
|
|
exists(Assignable a |
|
|
defReaches(def, a, read.getAControlFlowNode()) and
|
|
read.getTarget() = a
|
|
)
|
|
}
|
|
|
|
private LocalScopeVariableRead getAReachableUncertainRead(AssignableDefinition def) {
|
|
exists(Ssa::Definition ssaDef |
|
|
def = ssaDef.getAnUltimateDefinition().(Ssa::ExplicitDefinition).getADefinition()
|
|
|
|
|
result = ssaDef.getARead()
|
|
)
|
|
}
|
|
|
|
from AssignableDefinition def, LocalScopeVariableRead read, string s
|
|
where
|
|
read = getAReachableUncertainRead(def) and
|
|
not defUsePair(def, read) and
|
|
s = "not a def/use pair"
|
|
or
|
|
defUsePair(def, read) and
|
|
not read = getAReachableUncertainRead(def) and
|
|
s = "missing def/use pair"
|
|
select def, read, s
|