Merge pull request github#14382 from MathiasVP/deduplicate-why

MathiasVP · web-flow · commit a08356979f5f · 2023-10-06T12:52:58.000+02:00
C++: Project away `why` to prevent tuple duplication in `Buffer.qll`
diff --git a/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll b/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll
@@ -73,6 +73,10 @@ private int isSource(Expr bufferExpr, Element why) {
   )
 }
 
+/** Same as `getBufferSize`, but with the `why` column projected away to prevent large duplications. */
+pragma[nomagic]
+int getBufferSizeProj(Expr bufferExpr) { result = getBufferSize(bufferExpr, _) }
+
 /**
  * Get the size in bytes of the buffer pointed to by an expression (if this can be determined).
  */
@@ -87,15 +91,14 @@ int getBufferSize(Expr bufferExpr, Element why) {
     why = bufferVar and
     parentPtr = bufferExpr.(VariableAccess).getQualifier() and
     parentPtr.getTarget().getUnspecifiedType().(PointerType).getBaseType() = parentClass and
-    result = getBufferSize(parentPtr, _) + bufferSize - parentClass.getSize()
+    result = getBufferSizeProj(parentPtr) + bufferSize - parentClass.getSize()
   |
     if exists(bufferVar.getType().getSize())
     then bufferSize = bufferVar.getType().getSize()
     else bufferSize = 0
   )
   or
   // dataflow (all sources must be the same size)
-  result = unique(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | getBufferSize(def, _)) and
-  // find reason
+  result = unique(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | getBufferSizeProj(def)) and
   exists(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | exists(getBufferSize(def, why)))
 }

Original file line number	Diff line number	Diff line change
`@@ -73,6 +73,10 @@ private int isSource(Expr bufferExpr, Element why) {`
`73`	`73`	`)`
`74`	`74`	`}`
`75`	`75`
	`76`	+/** Same as `getBufferSize`, but with the `why` column projected away to prevent large duplications. */
	`77`	`+pragma[nomagic]`
	`78`	`+int getBufferSizeProj(Expr bufferExpr) { result = getBufferSize(bufferExpr, _) }`
	`79`	`+`
`76`	`80`	`/**`
`77`	`81`	`* Get the size in bytes of the buffer pointed to by an expression (if this can be determined).`
`78`	`82`	`*/`
`@@ -87,15 +91,14 @@ int getBufferSize(Expr bufferExpr, Element why) {`
`87`	`91`	`why = bufferVar and`
`88`	`92`	`parentPtr = bufferExpr.(VariableAccess).getQualifier() and`
`89`	`93`	`parentPtr.getTarget().getUnspecifiedType().(PointerType).getBaseType() = parentClass and`
`90`		`- result = getBufferSize(parentPtr, _) + bufferSize - parentClass.getSize()`
	`94`	`+ result = getBufferSizeProj(parentPtr) + bufferSize - parentClass.getSize()`
`91`	`95`	`\|`
`92`	`96`	`if exists(bufferVar.getType().getSize())`
`93`	`97`	`then bufferSize = bufferVar.getType().getSize()`
`94`	`98`	`else bufferSize = 0`
`95`	`99`	`)`
`96`	`100`	`or`
`97`	`101`	`// dataflow (all sources must be the same size)`
`98`		`- result = unique(Expr def \| DataFlow::localExprFlowStep(def, bufferExpr) \| getBufferSize(def, _)) and`
`99`		`- // find reason`
	`102`	`+ result = unique(Expr def \| DataFlow::localExprFlowStep(def, bufferExpr) \| getBufferSizeProj(def)) and`
`100`	`103`	`exists(Expr def \| DataFlow::localExprFlowStep(def, bufferExpr) \| exists(getBufferSize(def, why)))`
`101`	`104`	`}`