@@ -1535,14 +1535,6 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
15351535 fwdFlow1 ( _, _, _, _, _, _, t0 , t , ap , _) and t0 != t
15361536 }
15371537
1538- bindingset [ storeSource, c, readTarget]
1539- pragma [ inline_late]
1540- private predicate storeMayReachReadInlineLate (
1541- NodeEx storeSource , Content c , NodeEx readTarget
1542- ) {
1543- Param:: storeMayReachRead ( storeSource , c , readTarget )
1544- }
1545-
15461538 pragma [ nomagic]
15471539 private predicate fwdFlow0 (
15481540 NodeEx node , FlowState state , Cc cc , ParamNodeOption summaryCtx , TypOption argT ,
@@ -1731,7 +1723,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
17311723 (
17321724 exists ( NodeEx storeSource |
17331725 fwdFlowConsCandStoreReadMatchingEnabled ( storeSource , t1 , ap1 , c , t2 , ap2 ) and
1734- storeMayReachReadInlineLate ( storeSource , c , node2 )
1726+ storeMayReachRead ( storeSource , c , node2 )
17351727 )
17361728 or
17371729 fwdFlowConsCandStoreReadMatchingDisabled ( t1 , ap1 , c , t2 , ap2 )
@@ -2276,7 +2268,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
22762268 |
22772269 exists ( NodeEx readTarget |
22782270 revFlowConsCandStoreReadMatchingEnabled ( readTarget , ap0 , c , ap ) and
2279- storeMayReachReadInlineLate ( node , c , readTarget )
2271+ storeMayReachRead ( node , c , readTarget )
22802272 )
22812273 or
22822274 revFlowConsCandStoreReadMatchingDisabled ( ap0 , c , ap )
@@ -3430,6 +3422,27 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
34303422 private module StoreReadMatchingInput implements StoreReadMatchingInputSig {
34313423 class NodeEx = NodeExAlias ;
34323424
3425+ predicate nodeRange ( NodeEx node , boolean fromArg ) {
3426+ exists ( PrevStage:: Ap ap |
3427+ PrevStage:: revFlowAp ( node , ap ) and
3428+ (
3429+ ap = true
3430+ or
3431+ PrevStage:: storeStepCand ( node , ap , _, _, _, _)
3432+ or
3433+ PrevStage:: readStepCand ( _, _, node )
3434+ )
3435+ |
3436+ exists ( PrevStage:: Cc cc | PrevStage:: fwdFlow ( node , _, cc , _, _, _, _, ap , _) |
3437+ PrevStage:: instanceofCcCall ( cc ) and
3438+ fromArg = true
3439+ or
3440+ PrevStage:: instanceofCcNoCall ( cc ) and
3441+ fromArg = false
3442+ )
3443+ )
3444+ }
3445+
34333446 predicate localValueStep ( NodeEx node1 , NodeEx node2 ) {
34343447 exists ( FlowState state , PrevStage:: ApOption returnAp |
34353448 PrevStage:: revFlow ( node1 , pragma [ only_bind_into ] ( state ) , _,
@@ -3442,12 +3455,23 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
34423455
34433456 predicate jumpValueStep = jumpStepEx / 2 ;
34443457
3458+ pragma [ nomagic]
3459+ private predicate flowThroughOutOfCall ( RetNodeEx ret , NodeEx out ) {
3460+ exists ( DataFlowCall call , CcCall ccc , ReturnKindExt kind |
3461+ PrevStage:: callEdgeReturn ( call , _, ret , kind , out , true , true ) and
3462+ PrevStage:: callMayFlowThroughRev ( call ) and
3463+ PrevStage:: returnMayFlowThrough ( ret , _, true , kind ) and
3464+ matchesCall ( ccc , call )
3465+ )
3466+ }
3467+
34453468 predicate callEdgeArgParam ( NodeEx arg , NodeEx param ) {
3446- PrevStage:: callEdgeArgParam ( _, _, arg , param , true , _ )
3469+ PrevStage:: callEdgeArgParam ( _, _, arg , param , true , true )
34473470 }
34483471
3449- predicate callEdgeReturn ( NodeEx ret , NodeEx out ) {
3450- PrevStage:: callEdgeReturn ( _, _, ret , _, out , true , _)
3472+ predicate callEdgeReturn ( NodeEx ret , NodeEx out , boolean mayFlowThrough ) {
3473+ PrevStage:: callEdgeReturn ( _, _, ret , _, out , true , true ) and
3474+ if flowThroughOutOfCall ( ret , out ) then mayFlowThrough = true else mayFlowThrough = false
34513475 }
34523476
34533477 predicate readContentStep = PrevStage:: readStepCand / 3 ;
0 commit comments