mirror of
https://github.com/github/codeql.git
synced 2025-12-24 12:46:34 +01:00
bebd5ae36b
After #3382 changed the escape analysis to model qualifiers as escaping, there was an imbalance in the SSA library, where `addressTakenVariable` excludes variables from SSA analysis if they have their address taken but are _not_ passed by reference. This showed up as a missing result in `TOCTOUFilesystemRace.ql`, demonstrated with a test case in #3432. This commit changes the definition of "pass by reference" to include call qualifiers, which allows SSA modeling of variables that have member function calls on them.