diff --git a/cpp/ql/src/Documentation/CommentedOutCode.qll b/cpp/ql/src/Documentation/CommentedOutCode.qll index c1097701bef7..3ecdb1a3252d 100644 --- a/cpp/ql/src/Documentation/CommentedOutCode.qll +++ b/cpp/ql/src/Documentation/CommentedOutCode.qll @@ -119,7 +119,7 @@ class CommentBlock extends Comment { */ predicate hasLocationInfo(string filepath, int startline, int startcolumn, int endline, int endcolumn) { this.getLocation().hasLocationInfo(filepath, startline, startcolumn, _, _) and - this.lastComment().getLocation().hasLocationInfo(filepath, _, _, endline, endcolumn) + this.lastComment().getLocation().hasLocationInfo(_, _, _, endline, endcolumn) } } diff --git a/cpp/ql/src/META-INF/MANIFEST.MF b/cpp/ql/src/META-INF/MANIFEST.MF index 9297719168ec..f117922d2ef4 100644 --- a/cpp/ql/src/META-INF/MANIFEST.MF +++ b/cpp/ql/src/META-INF/MANIFEST.MF @@ -2,7 +2,7 @@ Manifest-Version: 1.0 Bundle-ManifestVersion: 2 Bundle-Name: Semmle C/C++ Default Queries Bundle-SymbolicName: com.semmle.plugin.semmlecode.cpp.queries;singleton:=true -Bundle-Version: 1.18.0.qualifier +Bundle-Version: 1.18.1.qualifier Bundle-Vendor: Semmle Ltd. Bundle-ActivationPolicy: lazy -Require-Bundle: com.semmle.plugin.qdt.ui;bundle-version="[1.18.0.qualifier,1.18.0.qualifier]" +Require-Bundle: com.semmle.plugin.qdt.ui;bundle-version="[1.18.1.qualifier,1.18.1.qualifier]" diff --git a/cpp/ql/src/semmle/code/cpp/Element.qll b/cpp/ql/src/semmle/code/cpp/Element.qll index 7231d11aec9d..10ad7135b0a6 100644 --- a/cpp/ql/src/semmle/code/cpp/Element.qll +++ b/cpp/ql/src/semmle/code/cpp/Element.qll 
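Review bot: In CommentedOutCode.qll, `CommentBlock.hasLocationInfo` now leaves the file of `lastComment()` unconstrained (`hasLocationInfo(_, _, _, endline, endcolumn)`), and nothing in the hunk says why that is safe. If the intent is that a comment block never spans files, so that re-binding `filepath` is a redundant join, say so above the second conjunct, for example `// lastComment() is part of this block and so in the same file; filepath is bound by the first conjunct`. The rest of the class is outside this hunk, so I cannot confirm that invariant from here; if it does not hold, the end line and column could be taken from a comment in a different file.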
@@ -2,41 +2,38 @@ import semmle.code.cpp.Location private import semmle.code.cpp.Enclosing private import semmle.code.cpp.internal.ResolveClass -/** - * Get the `@element` that represents this `@element`. - * Normally this will simply be `e`, but sometimes it is not. - * For example, for an incomplete struct `e` the result may be a - * complete struct with the same name. - */ -private cached @element resolveElement(@element e) { - if isClass(e) - then result = resolveClass(e) - else result = e -} - /** * Get the `Element` that represents this `@element`. * Normally this will simply be a cast of `e`, but sometimes it is not. * For example, for an incomplete struct `e` the result may be a * complete struct with the same name. */ +pragma[inline] Element mkElement(@element e) { - result = resolveElement(e) + unresolveElement(result) = e } /** - * Get an `@element` that resolves to the `Element`. This should + * INTERNAL: Do not use. + * + * Gets an `@element` that resolves to the `Element`. This should * normally only be called from member predicates, where `e` is not * `this` and you need the result for an argument to a database * extensional. * See `underlyingElement` for when `e` is `this`. */ +pragma[inline] @element unresolveElement(Element e) { - resolveElement(result) = e + not result instanceof @usertype and + result = e + or + e = resolveClass(result) } /** - * Get the `@element` that this `Element` extends. This should normally + * INTERNAL: Do not use. + * + * Gets the `@element` that this `Element` extends. This should normally * only be called from member predicates, where `e` is `this` and you * need the result for an argument to a database extensional. * See `unresolveElement` for when `e` is not `this`. 
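Review bot: In Element.qll, the first disjunct of the new `unresolveElement` (`not result instanceof @usertype and result = e`) excludes every `@usertype`, whereas the removed `resolveElement` only diverted entities for which `isClass` held. Non-class user types therefore get a result only through `e = resolveClass(result)`, and the definition of `resolveClass` is not part of this diff. Please confirm it is defined for all user types and record that next to the disjunction, e.g. `// resolveClass covers every @usertype, not only classes`. Separately, the doc comment on `mkElement` still begins with "Get" while the two comments edited below it were changed to "Gets".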
@@ -53,10 +50,6 @@ Element mkElement(@element e) { * `getLocation`, or `hasLocationInfo`. */ class ElementBase extends @element { - ElementBase() { - this = resolveElement(_) - } - /** Gets a textual representation of this element. */ string toString() { none() } } diff --git a/cpp/ql/src/semmle/code/cpp/Specifier.qll b/cpp/ql/src/semmle/code/cpp/Specifier.qll index 373d8db57505..0bb9d0dd9b7d 100644 --- a/cpp/ql/src/semmle/code/cpp/Specifier.qll +++ b/cpp/ql/src/semmle/code/cpp/Specifier.qll @@ -294,13 +294,13 @@ class AttributeArgument extends Element, @attribute_arg { } override string toString() { - if exists (@attribute_arg_empty self | mkElement(self) = this) + if exists (@attribute_arg_empty self | self = underlyingElement(this)) then result = "empty argument" else exists (string prefix, string tail | (if exists(getName()) then prefix = getName() + "=" else prefix = "") and - (if exists (@attribute_arg_type self | mkElement(self) = this) + (if exists (@attribute_arg_type self | self = underlyingElement(this)) then tail = getValueType().getName() else tail = getValueText()) and result = prefix + tail) diff --git a/cpp/ql/src/semmle/code/cpp/Type.qll b/cpp/ql/src/semmle/code/cpp/Type.qll index 060d7a27e976..08418c1191e6 100644 --- a/cpp/ql/src/semmle/code/cpp/Type.qll +++ b/cpp/ql/src/semmle/code/cpp/Type.qll @@ -7,6 +7,8 @@ private import semmle.code.cpp.internal.ResolveClass * A C/C++ type. */ class Type extends Locatable, @type { + Type() { isType(underlyingElement(this)) } + /** * Gets the name of this type. */ diff --git a/cpp/ql/src/semmle/code/cpp/internal/ResolveClass.qll b/cpp/ql/src/semmle/code/cpp/internal/ResolveClass.qll index fd38c749dcc2..fb1e3f05da7d 100644 --- a/cpp/ql/src/semmle/code/cpp/internal/ResolveClass.qll +++ b/cpp/ql/src/semmle/code/cpp/internal/ResolveClass.qll 
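Review bot: With the characteristic predicate `this = resolveElement(_)` removed in Element.qll, `ElementBase` no longer restricts itself, and the only filtering visible in this patch is the new `Type() { isType(underlyingElement(this)) }` in Type.qll. Neither place records that the restriction has moved. I would add a line to the `ElementBase` doc comment (it starts above this hunk), such as `* Incomplete class entities are filtered out by the characteristic predicate of Type, not here.`, and a one-line comment on `Type()` saying why it is needed.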
@@ -54,4 +54,10 @@ cached private module Cached { (usertypes(t,_,1) or usertypes(t,_,2) or usertypes(t,_,3) or usertypes(t,_,6) or usertypes(t,_,10) or usertypes(t,_,11) or usertypes(t,_,12)) } + + cached predicate isType(@type t) { + not isClass(t) + or + t = resolveClass(_) + } } diff --git a/cpp/ql/src/semmle/code/cpp/pointsto/PointsTo.qll b/cpp/ql/src/semmle/code/cpp/pointsto/PointsTo.qll index bd4684cdfa42..6f1ab3758262 100644 --- a/cpp/ql/src/semmle/code/cpp/pointsto/PointsTo.qll +++ b/cpp/ql/src/semmle/code/cpp/pointsto/PointsTo.qll @@ -633,12 +633,26 @@ class PointsToExpr extends Expr pragma[noopt] Element pointsTo() { - this.interesting() and exists(int set, @element thisEntity, @element resultEntity | thisEntity = underlyingElement(this) and pointstosets(set, thisEntity) and setlocations(set, resultEntity) and resultEntity = unresolveElement(result)) + this.interesting() and + exists(int set, @element thisEntity, @element resultEntity | + thisEntity = underlyingElement(this) and + pointstosets(set, thisEntity) and + setlocations(set, resultEntity) and + resultEntity = localUnresolveElement(result) + ) } float confidence() { result = 1.0 / count(this.pointsTo()) } } +/* + * This is used above in a `pragma[noopt]` context, which prevents its + * customary inlining. We materialise it explicitly here. + */ +private @element localUnresolveElement(Element e) { + result = unresolveElement(e) +} + /** * Holds if anything points to an element, that is, is equivalent to: * ``` diff --git a/cpp/ql/src/semmle/code/cpp/security/Overflow.qll b/cpp/ql/src/semmle/code/cpp/security/Overflow.qll index 5e3a6cc8b80f..3a5b72c1d389 100644 --- a/cpp/ql/src/semmle/code/cpp/security/Overflow.qll +++ b/cpp/ql/src/semmle/code/cpp/security/Overflow.qll 
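Review bot: The new `cached predicate isType(@type t)` in ResolveClass.qll has no doc comment, although the Type.qll hunk makes it the test for which `@type` entities become `Type` values. Suggest adding `/** Holds if t is not a class, or is the result of resolveClass for some class. */` directly above it. The enclosing `Cached` module begins before this hunk, so I have not checked how the other members are documented.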
@@ -13,6 +13,7 @@ predicate guardedAbs(Operation e, Expr use) { } /** is the size of this use guarded to be less than something? */ +pragma[nomagic] predicate guardedLesser(Operation e, Expr use) { exists(IfStmt c, RelationalOperation guard | use = guard.getLesserOperand().getAChild*() and @@ -33,6 +34,7 @@ predicate guardedLesser(Operation e, Expr use) { } /** is the size of this use guarded to be greater than something? */ +pragma[nomagic] predicate guardedGreater(Operation e, Expr use) { exists(IfStmt c, RelationalOperation guard | use = guard.getGreaterOperand().getAChild*() and diff --git a/cpp/ql/test/library-tests/templates/CPP-204/element.expected b/cpp/ql/test/library-tests/templates/CPP-204/element.expected index c8a874108efb..6c07e74e41c7 100644 --- a/cpp/ql/test/library-tests/templates/CPP-204/element.expected +++ b/cpp/ql/test/library-tests/templates/CPP-204/element.expected @@ -34,7 +34,6 @@ | test.cpp:8:31:8:35 | initializer for Value | | test.cpp:11:10:11:11 | mention of EC | | test.cpp:11:25:11:27 | mention of IsX | -| test.cpp:11:25:11:27 | mention of IsX | | test.cpp:12:8:12:9 | DX | | test.cpp:12:8:12:9 | definition of DX | | test.cpp:13:17:13:20 | Type | diff --git a/csharp/ql/src/META-INF/MANIFEST.MF b/csharp/ql/src/META-INF/MANIFEST.MF index 9c1c8f2b1e1b..41a500e23d56 100644 --- a/csharp/ql/src/META-INF/MANIFEST.MF +++ b/csharp/ql/src/META-INF/MANIFEST.MF @@ -2,7 +2,7 @@ Manifest-Version: 1.0 Bundle-ManifestVersion: 2 Bundle-Name: Semmle C# Default Queries Bundle-SymbolicName: com.semmle.plugin.semmlecode.csharp.queries;singleton:=true -Bundle-Version: 1.18.0.qualifier +Bundle-Version: 1.18.1.qualifier Bundle-Vendor: Semmle Ltd. Bundle-ActivationPolicy: lazy -Require-Bundle: com.semmle.plugin.qdt.ui;bundle-version="[1.18.0.qualifier, 1.18.0.qualifier]" +Require-Bundle: com.semmle.plugin.qdt.ui;bundle-version="[1.18.1.qualifier,1.18.1.qualifier]" 
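Review bot: `pragma[nomagic]` is added to `guardedLesser` here and to `guardedGreater` in the next hunk of Overflow.qll without a comment saying why, and `guardedAbs`, visible as context just above, is left unannotated. Going by their doc comments, these predicates decide whether a use counts as bounds-guarded, so a reader should be able to tell that the pragma is an evaluation hint and not a change to what is matched. A line such as `// nomagic: evaluate independently of the caller's context (performance only)` above each pragma would do. If `guardedAbs` was left out deliberately, that is worth a word as well. Both predicate bodies continue beyond their hunks.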
diff --git a/java/ql/src/META-INF/MANIFEST.MF b/java/ql/src/META-INF/MANIFEST.MF index 2e9435ab9505..17754c6ce38f 100644 --- a/java/ql/src/META-INF/MANIFEST.MF +++ b/java/ql/src/META-INF/MANIFEST.MF @@ -2,8 +2,8 @@ Manifest-Version: 1.0 Bundle-ManifestVersion: 2 Bundle-Name: Semmle Default Java Queries Bundle-SymbolicName: com.semmle.plugin.semmlecode.queries;singleton:=true -Bundle-Version: 1.18.0.qualifier +Bundle-Version: 1.18.1.qualifier Bundle-Vendor: Semmle Ltd. Bundle-ActivationPolicy: lazy -Require-Bundle: com.semmle.plugin.qdt.ui;bundle-version="[1.18.0.qualifier,1.18.0.qualifier]" +Require-Bundle: com.semmle.plugin.qdt.ui;bundle-version="[1.18.1.qualifier,1.18.1.qualifier]" diff --git a/javascript/ql/src/META-INF/MANIFEST.MF b/javascript/ql/src/META-INF/MANIFEST.MF index fe4cf7cfb8cb..9646c1b8ce45 100644 --- a/javascript/ql/src/META-INF/MANIFEST.MF +++ b/javascript/ql/src/META-INF/MANIFEST.MF @@ -2,7 +2,7 @@ Manifest-Version: 1.0 Bundle-ManifestVersion: 2 Bundle-Name: Semmle JavaScript Default Queries Bundle-SymbolicName: com.semmle.plugin.semmlecode.javascript.queries;singleton:=true -Bundle-Version: 1.18.0.qualifier +Bundle-Version: 1.18.1.qualifier Bundle-Vendor: Semmle Ltd. Bundle-ActivationPolicy: lazy -Require-Bundle: com.semmle.plugin.qdt.ui;bundle-version="[1.18.0.qualifier, 1.18.0.qualifier]" +Require-Bundle: com.semmle.plugin.qdt.ui;bundle-version="[1.18.1.qualifier,1.18.1.qualifier]"