
Commit dbf6925

committed
C++: Fix missing flow by adding a case for flow from 'InstructionNode' to 'SSaPhiNode'.
1 parent 18a3414 commit dbf6925

2 files changed

Lines changed: 7 additions & 1 deletion


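--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/Ssa.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/Ssa.qll
@@ -348,6 +348,12 @@ private module Cached {
 nodeTo.(SsaPhiNode).hasInputAtRankInBlock(block, rnk)
 )
 or
+exists(Def def, IRBlock block, int rnk |
+def.getInstruction() = nodeFrom.asInstruction() and
+def.hasRankInBlock(block, rnk) and
+nodeTo.(SsaPhiNode).hasInputAtRankInBlock(block, rnk)
+)
+or
 // Def-use flow from a `StoreNode` to an `OperandNode`.
 exists(
 StoreNode store, IRBlock bb1, int i1, IRBlock bb2, int i2, Def def, Use use, Definition ssaDef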
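Review bot: The added disjunct at new lines 351–356 carries no comment, while the case right after it is introduced by a one-line description of the flow it models (the `StoreNode` to `OperandNode` def-use comment at new line 357). A matching line above the `exists`, such as `// Flow from an InstructionNode that is a definition to the SsaPhiNode that takes it as input.`, would record why this case exists; that matters here because a missing edge in this predicate shows up only as a silent false negative in taint-tracking results. The last conjunct, `nodeTo.(SsaPhiNode).hasInputAtRankInBlock(block, rnk)`, repeats the line at 348 from the preceding case, so the two cases could probably share a small helper predicate. That part is inferred, since the start of the preceding case and the enclosing predicate's start and end all lie outside the hunk.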

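--- a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/defaulttainttracking.cpp
+++ b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/defaulttainttracking.cpp
@@ -263,7 +263,7 @@ int test_readv_and_writev(iovec* iovs) {
 void test4(char* buffer) {
 while (buffer != 0) {
 buffer = buffer - 1;
-sink(buffer); // $ ast MISSING: ir
+sink(buffer); // $ ast,ir
 }
 }
 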