From e565479d0c8ecda8a52afa9854cb54030955e86e Mon Sep 17 00:00:00 2001
From: Michael Nebel
Date: Fri, 6 Sep 2024 10:58:51 +0200
Subject: [PATCH] Java: Use normalized read access paths in synthetic validation.
---
 .../modelgenerator/internal/CaptureModels.qll | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/java/ql/src/utils/modelgenerator/internal/CaptureModels.qll b/java/ql/src/utils/modelgenerator/internal/CaptureModels.qll
index 35372c4b826e5..4f85ac36a6957 100644
--- a/java/ql/src/utils/modelgenerator/internal/CaptureModels.qll
+++ b/java/ql/src/utils/modelgenerator/internal/CaptureModels.qll
@@ -368,14 +368,15 @@ private predicate hasSyntheticContent(PropagateContentFlow::AccessPath path) {
 private module AccessPathSyntheticValidation {
 /**
 * Holds if there exist an API within the type `t` that has
- * content flow from `read` to `store`.
+ * content flow from `read` to `store`, where `read` and `store` have
+ * been normalized (content flow lists the read steps in reverse order).
 */
 private predicate step(
 Type t, PropagateContentFlow::AccessPath read, PropagateContentFlow::AccessPath store
 ) {
 exists(ContentDataFlowSummaryTargetApi api |
 api.getDeclaringType() = t and
- apiContentFlow(api, _, read, _, store, _)
+ apiContentFlow(api, _, read.reverse(), _, store, _)
 )
 }
 
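Review bot: The new QLDoc on `step` says that both `read` and `store` have been normalized, but the body reverses only `read` (`read.reverse()`) and passes `store` through unchanged, so the comment does not say which argument is affected or which order is the normalized one. Wording such as "`read` is expected in normalized order and is reversed before the lookup, because content flow reports read steps in reverse order" would state the convention unambiguously. The first line of the same comment reads "there exist an API" and could become "there exists an API" while the comment is being edited.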
@@ -469,11 +470,13 @@ private module AccessPathSyntheticValidation {
 predicate acceptReadStore(
 Type t, PropagateContentFlow::AccessPath read, PropagateContentFlow::AccessPath store
 ) {
- synthPathEntry(t, read, store) and reachesSynthExit(t, store)
- or
- synthEntryReaches(t, read) and synthPathExit(t, read, store)
- or
- synthEntryReaches(t, read) and step(t, read, store) and reachesSynthExit(t, store)
+ exists(PropagateContentFlow::AccessPath read0 | read0 = read.reverse() |
+ synthPathEntry(t, read0, store) and reachesSynthExit(t, store)
+ or
+ synthEntryReaches(t, read0) and synthPathExit(t, read0, store)
+ or
+ synthEntryReaches(t, read0) and step(t, read0, store) and reachesSynthExit(t, store)
+ )
 }
 }
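Review bot: `acceptReadStore` now receives `read` in raw content-flow order and reverses it into `read0`, while `step` takes the normalized path and reverses it back, so the two predicates use opposite conventions for a parameter with the same name and nothing in this hunk records that. A one-line comment above the `exists`, for example `// read arrives in content-flow (reversed) order; read0 is the normalized path used below`, would make this explicit; any existing QLDoc for the predicate lies outside the hunk. The patch changes only this file, so a model-generator test whose read path has at least two distinct steps would be a useful addition, since a one-step path equals its own reverse and cannot show whether the order is right. The accepted read/store pairs presumably decide which summaries are generated, so a wrong order here could silently drop or admit flow in the taint queries that consume those models.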