Skip to content
This repository was archived by the owner on Jan 5, 2023. It is now read-only.

Commit 9091528

Browse files
smowtonsmowton
committed
Move getUnderlyingNode into Protobuf.qll
This is its only user for now.
1 parent 59f9c60 commit 9091528

2 files changed

Lines changed: 12 additions & 12 deletions

File tree

ql/src/semmle/go/dataflow/internal/DataFlowUtil.qll

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -600,16 +600,6 @@ class ComponentReadNode extends ReadNode {
600600
Node getBase() { result = instructionNode(insn.getBase()) }
601601
}
602602

603-
/**
604-
* Gets the data-flow node representing the bottom of a stack of zero or more `ComponentReadNode`s.
605-
*
606-
* For example, in the expression a.b[c].d[e], this would return the dataflow node for the read from `a`.
607-
*/
608-
Node getUnderlyingNode(ReadNode read) {
609-
(result = read or result = read.(ComponentReadNode).getBase+()) and
610-
not result instanceof ComponentReadNode
611-
}
612-
613603
/**
614604
* A data-flow node that reads an element of an array, map, slice or string.
615605
*/

ql/src/semmle/go/frameworks/Protobuf.qll

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -145,16 +145,26 @@ module Protobuf {
145145
exists(Type base | base.getPointerType() instanceof MessageType | result = base.getField(_))
146146
}
147147

148+
/**
149+
* Gets the data-flow node representing the bottom of a stack of zero or more `ComponentReadNode`s.
150+
*
151+
* For example, in the expression a.b[c].d[e], this would return the dataflow node for the read from `a`.
152+
*/
153+
DataFlow::Node getUnderlyingNode(DataFlow::ReadNode read) {
154+
(result = read or result = read.(DataFlow::ComponentReadNode).getBase+()) and
155+
not result instanceof DataFlow::ComponentReadNode
156+
}
157+
148158
/**
149159
* Additional taint step tainting a Message when taint is written to any of its fields and/or elements.
150160
*/
151161
private class WriteMessageFieldStep extends TaintTracking::AdditionalTaintStep {
152162
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
153-
exists(DataFlow::ReadNode base | succ = DataFlow::getUnderlyingNode(base) |
163+
exists(DataFlow::ReadNode base | succ = getUnderlyingNode(base) |
154164
any(DataFlow::Write w).writesField(base, getAMessageField(), pred)
155165
)
156166
or
157-
exists(DataFlow::ReadNode base | succ = DataFlow::getUnderlyingNode(base) |
167+
exists(DataFlow::ReadNode base | succ = getUnderlyingNode(base) |
158168
any(DataFlow::Write w).writesElement(base, _, pred) and
159169
[succ.getType(), succ.getType().getPointerType()] instanceof MessageType
160170
)

0 commit comments

Comments
 (0)