
Commit bfae3fd

authored
Merge pull request #665 from owen-mc/update-function-get-a-call
Update `Function.getACall()`
2 parents 5a2a15c + 4d1dcb3 commit bfae3fd

3 files changed

Lines changed: 9 additions & 8 deletions


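--- a/ql/lib/semmle/go/Scopes.qll
+++ b/ql/lib/semmle/go/Scopes.qll
@@ -366,13 +366,14 @@ class PromotedField extends Field {
 
 /** A built-in or declared function. */
 class Function extends ValueEntity, @functionobject {
-/** Gets a call to this function. */
+/**
+* Gets a call to this function.
+*
+* This includes calls that target this function indirectly, by calling an
+* interface method that this function implements.
+*/
 pragma[nomagic]
-DataFlow::CallNode getACall() {
-this = result.getTarget()
-or
-this = result.getACalleeIncludingExternals().asFunction()
-}
+DataFlow::CallNode getACall() { this = result.getACalleeIncludingExternals().asFunction() }
 
 /** Gets the declaration of this function, if any. */
 FuncDecl getFuncDecl() { none() }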
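Review bot: The new doc comment on `getACall()` says that indirect calls through an implemented interface method are included, but it does not say what to use when only the statically resolved callee is wanted. The two security libraries changed in this commit both move to `call.getTarget()`, apparently to keep that narrower meaning, so I would add a line such as `* To match only calls whose static target is this function, use CallNode.getTarget() instead.` Separately, the removed `this = result.getTarget()` disjunct is redundant only if `getACalleeIncludingExternals()` always covers the static target. That definition is not visible here, so a library test that pins a plain direct call would be worth adding. The body of class `Function` continues past the end of this hunk.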

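--- a/ql/lib/semmle/go/security/ExternalAPIs.qll
+++ b/ql/lib/semmle/go/security/ExternalAPIs.qll
@@ -74,7 +74,7 @@ class ExternalAPIDataNode extends DataFlow::Node {
 // Not already modeled as a taint step
 not exists(DataFlow::Node next | TaintTracking::localTaintStep(this, next)) and
 // Not a call to a known safe external API
-not call = any(SafeExternalAPIFunction f).getACall()
+not call.getTarget() instanceof SafeExternalAPIFunction
 }
 
 /** Gets the called API `Function`. */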
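Review bot: The exclusion at line 77 now tests only the static target, `not call.getTarget() instanceof SafeExternalAPIFunction`, and nothing in the code says why `getACall()` is avoided. With the broadened `getACall()`, a call through an interface would, it seems, be dropped from the untrusted-data results as soon as any one implementation is modelled as safe, hiding flows into the other implementations. A comment such as `// Use getTarget(), not getACall(): an interface call is safe only if its static target is.` would stop a later cleanup from reverting this. The same comment applies to the rewritten sink condition at line 63 of InsecureRandomnessCustomizations.qll. The enclosing predicate starts above this hunk.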

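--- a/ql/lib/semmle/go/security/InsecureRandomnessCustomizations.qll
+++ b/ql/lib/semmle/go/security/InsecureRandomnessCustomizations.qll
@@ -60,7 +60,7 @@ module InsecureRandomness {
 // Some interfaces in the `crypto` package are the same as interfaces
 // elsewhere, e.g. tls.listener is the same as net.Listener
 not fn.hasQualifiedName(nonCryptoInterface(), _) and
-this = fn.getACall().getAnArgument()
+exists(DataFlow::CallNode call | call.getTarget() = fn and this = call.getAnArgument())
 )
 }
 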