Skip to content

Commit cbf1657

Browse files
asgerfasgerf
committed
Ruby: tweak pipeline a bit
1 parent b13b2ce commit cbf1657

File tree

1 file changed

+29
-17
lines changed

1 file changed

+29
-17
lines changed

ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll

Lines changed: 29 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -155,11 +155,12 @@ predicate returnStep(Node nodeFrom, Node nodeTo) {
155155
predicate basicStoreStep(Node nodeFrom, Node nodeTo, TypeTrackerContentSet contents) {
156156
postUpdateStoreStep(nodeFrom, nodeTo, contents)
157157
or
158-
exists(DataFlowPublic::CallNode call, SummaryComponent input, SummaryComponent output |
159-
summarizableCall(call.asExpr().getExpr(), //
160-
SummaryComponentStack::singleton(input),
161-
SummaryComponentStack::push(SummaryComponent::content(contents),
162-
SummaryComponentStack::singleton(output))) and
158+
exists(
159+
SummarizedCallable callable, DataFlowPublic::CallNode call, SummaryComponent input,
160+
SummaryComponent output
161+
|
162+
hasStoreSummary(callable, contents, input, output) and
163+
call.asExpr().getExpr() = callable.getACallSimple() and
163164
nodeFrom = evaluateSummaryComponentLocal(call, input) and
164165
nodeTo = evaluateSummaryComponentLocal(call, output)
165166
)
@@ -194,11 +195,12 @@ predicate basicLoadStep(Node nodeFrom, Node nodeTo, TypeTrackerContentSet conten
194195
nodeTo.asExpr() = call
195196
)
196197
or
197-
exists(DataFlowPublic::CallNode call, SummaryComponent input, SummaryComponent output |
198-
summarizableCall(call.asExpr().getExpr(), //
199-
SummaryComponentStack::push(SummaryComponent::content(contents),
200-
SummaryComponentStack::singleton(input)), //
201-
SummaryComponentStack::singleton(output)) and
198+
exists(
199+
SummarizedCallable callable, DataFlowPublic::CallNode call, SummaryComponent input,
200+
SummaryComponent output
201+
|
202+
hasLoadSummary(callable, contents, input, output) and
203+
call.asExpr().getExpr() = callable.getACallSimple() and
202204
nodeFrom = evaluateSummaryComponentLocal(call, input) and
203205
nodeTo = evaluateSummaryComponentLocal(call, output)
204206
)
@@ -211,14 +213,24 @@ class Boolean extends boolean {
211213
Boolean() { this = true or this = false }
212214
}
213215

214-
/** Holds if `call` has a summary consisting of the given `input`/`output` pair. */
215-
private predicate summarizableCall(
216-
MethodCall call, SummaryComponentStack input, SummaryComponentStack output
216+
private import SummaryComponentStack
217+
218+
private predicate hasStoreSummary(
219+
SummarizedCallable callable, TypeTrackerContentSet contents, SummaryComponent input,
220+
SummaryComponent output
217221
) {
218-
exists(SummarizedCallable callable |
219-
call = callable.getACallSimple() and
220-
callable.propagatesFlow(input, output, true)
221-
)
222+
callable
223+
.propagatesFlow(singleton(input),
224+
push(SummaryComponent::content(contents), singleton(output)), true)
225+
}
226+
227+
private predicate hasLoadSummary(
228+
SummarizedCallable callable, TypeTrackerContentSet contents, SummaryComponent input,
229+
SummaryComponent output
230+
) {
231+
callable
232+
.propagatesFlow(push(SummaryComponent::content(contents), singleton(input)),
233+
singleton(output), true)
222234
}
223235

224236
/**

0 commit comments

Comments
 (0)