C#: Deprecate Assignable(Read)::getAReachableRead

hvitved · hvitved · commit f49bfa7bcced · 2022-10-12T14:08:46.000+02:00
diff --git a/csharp/ql/lib/semmle/code/csharp/Assignable.qll b/csharp/ql/lib/semmle/code/csharp/Assignable.qll
@@ -111,6 +111,7 @@ class AssignableRead extends AssignableAccess {
    * - The reads of `i` on lines 7 and 8 are next to the read on line 6.
    * - The read of `this.Field` on line 11 is next to the read on line 10.
    */
+  pragma[nomagic]
   AssignableRead getANextRead() {
     forex(ControlFlow::Node cfn | cfn = result.getAControlFlowNode() |
       cfn = this.getAnAdjacentReadSameVar()
@@ -124,7 +125,7 @@ class AssignableRead extends AssignableAccess {
    *
    * This is the transitive closure of `getANextRead()`.
    */
-  AssignableRead getAReachableRead() { result = this.getANextRead+() }
+  deprecated AssignableRead getAReachableRead() { result = this.getANextRead+() }
 }
 
 /**
@@ -479,6 +480,7 @@ class AssignableDefinition extends TAssignableDefinition {
    * Subsequent reads can be found by following the steps defined by
    * `AssignableRead.getANextRead()`.
    */
+  pragma[nomagic]
   AssignableRead getAFirstRead() {
     forex(ControlFlow::Node cfn | cfn = result.getAControlFlowNode() |
       exists(Ssa::ExplicitDefinition def | result = def.getAFirstReadAtNode(cfn) |
@@ -494,7 +496,7 @@ class AssignableDefinition extends TAssignableDefinition {
    *
    * This is the equivalent with `getAFirstRead().getANextRead*()`.
    */
-  AssignableRead getAReachableRead() { result = this.getAFirstRead().getANextRead*() }
+  deprecated AssignableRead getAReachableRead() { result = this.getAFirstRead().getANextRead*() }
 
   /** Gets a textual representation of this assignable definition. */
   string toString() { none() }
diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll
@@ -174,7 +174,9 @@ class VariableAccess extends AssignableAccess, @variable_access_expr {
 class VariableRead extends VariableAccess, AssignableRead {
   override VariableRead getANextRead() { result = AssignableRead.super.getANextRead() }
 
-  override VariableRead getAReachableRead() { result = AssignableRead.super.getAReachableRead() }
+  deprecated override VariableRead getAReachableRead() {
+    result = AssignableRead.super.getAReachableRead()
+  }
 }
 
 /**
@@ -200,7 +202,7 @@ class LocalScopeVariableAccess extends VariableAccess, @local_scope_variable_acc
 class LocalScopeVariableRead extends LocalScopeVariableAccess, VariableRead {
   override LocalScopeVariableRead getANextRead() { result = VariableRead.super.getANextRead() }
 
-  override LocalScopeVariableRead getAReachableRead() {
+  deprecated override LocalScopeVariableRead getAReachableRead() {
     result = VariableRead.super.getAReachableRead()
   }
 }
@@ -242,7 +244,7 @@ class ParameterAccess extends LocalScopeVariableAccess, @parameter_access_expr {
 class ParameterRead extends ParameterAccess, LocalScopeVariableRead {
   override ParameterRead getANextRead() { result = LocalScopeVariableRead.super.getANextRead() }
 
-  override ParameterRead getAReachableRead() {
+  deprecated override ParameterRead getAReachableRead() {
     result = LocalScopeVariableRead.super.getAReachableRead()
   }
 }
@@ -297,7 +299,7 @@ class LocalVariableAccess extends LocalScopeVariableAccess, @local_variable_acce
 class LocalVariableRead extends LocalVariableAccess, LocalScopeVariableRead {
   override LocalVariableRead getANextRead() { result = LocalScopeVariableRead.super.getANextRead() }
 
-  override LocalVariableRead getAReachableRead() {
+  deprecated override LocalVariableRead getAReachableRead() {
     result = LocalScopeVariableRead.super.getAReachableRead()
   }
 }
@@ -442,7 +444,9 @@ class PropertyAccess extends AssignableMemberAccess, PropertyAccessExpr {
 class PropertyRead extends PropertyAccess, AssignableRead {
   override PropertyRead getANextRead() { result = AssignableRead.super.getANextRead() }
 
-  override PropertyRead getAReachableRead() { result = AssignableRead.super.getAReachableRead() }
+  deprecated override PropertyRead getAReachableRead() {
+    result = AssignableRead.super.getAReachableRead()
+  }
 }
 
 /**
@@ -581,7 +585,9 @@ class IndexerAccess extends AssignableMemberAccess, ElementAccess, IndexerAccess
 class IndexerRead extends IndexerAccess, ElementRead {
   override IndexerRead getANextRead() { result = ElementRead.super.getANextRead() }
 
-  override IndexerRead getAReachableRead() { result = ElementRead.super.getAReachableRead() }
+  deprecated override IndexerRead getAReachableRead() {
+    result = ElementRead.super.getAReachableRead()
+  }
 }
 
 /**
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll
@@ -71,6 +71,20 @@ class FormatMethod extends Method {
   }
 }
 
+pragma[nomagic]
+private predicate parameterReadPostDominatesEntry(ParameterRead pr) {
+  pr.getAControlFlowNode().postDominates(pr.getEnclosingCallable().getEntryPoint()) and
+  getParameterType(pr.getTarget()) instanceof ObjectType
+}
+
+pragma[nomagic]
+private predicate alwaysPassedToFormatItemParameter(ParameterRead pr) {
+  pr = any(StringFormatItemParameter other).getAnAssignedArgument() and
+  parameterReadPostDominatesEntry(pr)
+  or
+  alwaysPassedToFormatItemParameter(pr.getANextRead())
+}
+
 /**
  * A parameter that is used as a format item for `string.Format()`. Either a
  * format item parameter of `string.Format()`, or a parameter of a method that
@@ -85,15 +99,9 @@ class StringFormatItemParameter extends Parameter {
     )
     or
     // Parameter of a source method that forwards to `string.Format()`
-    exists(
-      AssignableDefinitions::ImplicitParameterDefinition def, ParameterRead pr,
-      StringFormatItemParameter other
-    |
+    exists(AssignableDefinitions::ImplicitParameterDefinition def |
       def.getParameter() = this and
-      pr = def.getAReachableRead() and
-      pr.getAControlFlowNode().postDominates(this.getCallable().getEntryPoint()) and
-      other.getAnAssignedArgument() = pr and
-      getParameterType(this) instanceof ObjectType
+      alwaysPassedToFormatItemParameter(def.getAFirstRead())
     )
   }
 }
diff --git a/csharp/ql/src/API Abuse/DisposeNotCalledOnException.ql b/csharp/ql/src/API Abuse/DisposeNotCalledOnException.ql
@@ -22,12 +22,22 @@ private class DisposeCall extends MethodCall {
   DisposeCall() { this.getTarget() instanceof DisposeMethod }
 }
 
-private predicate localFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
-  DataFlow::localFlowStep(nodeFrom, nodeTo) and
-  not exists(AssignableDefinition def, UsingStmt us |
-    nodeTo.asExpr() = def.getAReachableRead() and
+pragma[nomagic]
+private predicate isDisposedAccess(AssignableRead ar) {
+  exists(AssignableDefinition def, UsingStmt us |
+    ar = def.getAFirstRead() and
     def.getTargetAccess() = us.getAVariableDeclExpr().getAccess()
   )
+  or
+  exists(AssignableRead mid |
+    isDisposedAccess(mid) and
+    ar = mid.getANextRead()
+  )
+}
+
+private predicate localFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
+  DataFlow::localFlowStep(nodeFrom, nodeTo) and
+  not isDisposedAccess(nodeTo.asExpr())
 }
 
 private predicate reachesDisposeCall(DisposeCall disposeCall, DataFlow::Node node) {
diff --git a/csharp/ql/src/Useless code/DefaultToStringQuery.qll b/csharp/ql/src/Useless code/DefaultToStringQuery.qll
@@ -6,6 +6,7 @@ import semmle.code.csharp.frameworks.System
  * Holds if expression `e`, of type `t`, invokes `ToString()` either explicitly
  * or implicitly.
  */
+pragma[nomagic]
 predicate invokesToString(Expr e, ValueOrRefType t) {
   // Explicit invocation
   exists(MethodCall mc | mc.getQualifier() = e |
@@ -20,20 +21,24 @@ predicate invokesToString(Expr e, ValueOrRefType t) {
   // Implicit invocation via forwarder method
   t = e.stripCasts().getType() and
   not t instanceof StringType and
-  exists(Parameter p |
-    alwaysInvokesToStringOnParameter(p) and
+  exists(AssignableDefinitions::ImplicitParameterDefinition def, Parameter p |
+    def.getParameter() = p and
+    alwaysInvokesToString(def.getAFirstRead()) and
     e = p.getAnAssignedArgument()
   )
 }
 
-pragma[noinline]
-private predicate alwaysInvokesToStringOnParameter(Parameter p) {
-  exists(AssignableDefinitions::ImplicitParameterDefinition def, ParameterRead pr |
-    def.getParameter() = p and
-    pr = def.getAReachableRead() and
-    pr.getAControlFlowNode().postDominates(p.getCallable().getEntryPoint()) and
-    invokesToString(pr, _)
-  )
+pragma[nomagic]
+private predicate parameterReadPostDominatesEntry(ParameterRead pr) {
+  pr.getAControlFlowNode().postDominates(pr.getEnclosingCallable().getEntryPoint())
+}
+
+pragma[nomagic]
+private predicate alwaysInvokesToString(ParameterRead pr) {
+  parameterReadPostDominatesEntry(pr) and
+  invokesToString(pr, _)
+  or
+  alwaysInvokesToString(pr.getANextRead())
 }
 
 /**

Original file line number	Diff line number	Diff line change
`@@ -174,7 +174,9 @@ class VariableAccess extends AssignableAccess, @variable_access_expr {`
`174`	`174`	`class VariableRead extends VariableAccess, AssignableRead {`
`175`	`175`	`override VariableRead getANextRead() { result = AssignableRead.super.getANextRead() }`
`176`	`176`
`177`		`- override VariableRead getAReachableRead() { result = AssignableRead.super.getAReachableRead() }`
	`177`	`+ deprecated override VariableRead getAReachableRead() {`
	`178`	`+ result = AssignableRead.super.getAReachableRead()`
	`179`	`+ }`
`178`	`180`	`}`
`179`	`181`
`180`	`182`	`/**`
`@@ -200,7 +202,7 @@ class LocalScopeVariableAccess extends VariableAccess, @local_scope_variable_acc`
`200`	`202`	`class LocalScopeVariableRead extends LocalScopeVariableAccess, VariableRead {`
`201`	`203`	`override LocalScopeVariableRead getANextRead() { result = VariableRead.super.getANextRead() }`
`202`	`204`
`203`		`- override LocalScopeVariableRead getAReachableRead() {`
	`205`	`+ deprecated override LocalScopeVariableRead getAReachableRead() {`
`204`	`206`	`result = VariableRead.super.getAReachableRead()`
`205`	`207`	`}`
`206`	`208`	`}`
`@@ -242,7 +244,7 @@ class ParameterAccess extends LocalScopeVariableAccess, @parameter_access_expr {`
`242`	`244`	`class ParameterRead extends ParameterAccess, LocalScopeVariableRead {`
`243`	`245`	`override ParameterRead getANextRead() { result = LocalScopeVariableRead.super.getANextRead() }`
`244`	`246`
`245`		`- override ParameterRead getAReachableRead() {`
	`247`	`+ deprecated override ParameterRead getAReachableRead() {`
`246`	`248`	`result = LocalScopeVariableRead.super.getAReachableRead()`
`247`	`249`	`}`
`248`	`250`	`}`
`@@ -297,7 +299,7 @@ class LocalVariableAccess extends LocalScopeVariableAccess, @local_variable_acce`
`297`	`299`	`class LocalVariableRead extends LocalVariableAccess, LocalScopeVariableRead {`
`298`	`300`	`override LocalVariableRead getANextRead() { result = LocalScopeVariableRead.super.getANextRead() }`
`299`	`301`
`300`		`- override LocalVariableRead getAReachableRead() {`
	`302`	`+ deprecated override LocalVariableRead getAReachableRead() {`
`301`	`303`	`result = LocalScopeVariableRead.super.getAReachableRead()`
`302`	`304`	`}`
`303`	`305`	`}`
`@@ -442,7 +444,9 @@ class PropertyAccess extends AssignableMemberAccess, PropertyAccessExpr {`
`442`	`444`	`class PropertyRead extends PropertyAccess, AssignableRead {`
`443`	`445`	`override PropertyRead getANextRead() { result = AssignableRead.super.getANextRead() }`
`444`	`446`
`445`		`- override PropertyRead getAReachableRead() { result = AssignableRead.super.getAReachableRead() }`
	`447`	`+ deprecated override PropertyRead getAReachableRead() {`
	`448`	`+ result = AssignableRead.super.getAReachableRead()`
	`449`	`+ }`
`446`	`450`	`}`
`447`	`451`
`448`	`452`	`/**`
`@@ -581,7 +585,9 @@ class IndexerAccess extends AssignableMemberAccess, ElementAccess, IndexerAccess`
`581`	`585`	`class IndexerRead extends IndexerAccess, ElementRead {`
`582`	`586`	`override IndexerRead getANextRead() { result = ElementRead.super.getANextRead() }`
`583`	`587`
`584`		`- override IndexerRead getAReachableRead() { result = ElementRead.super.getAReachableRead() }`
	`588`	`+ deprecated override IndexerRead getAReachableRead() {`
	`589`	`+ result = ElementRead.super.getAReachableRead()`
	`590`	`+ }`
`585`	`591`	`}`
`586`	`592`
`587`	`593`	`/**`