From c45fd4080d7b3bcdf1636881f878fcc224aa82ab Mon Sep 17 00:00:00 2001
From: Anders Schack-Mulligen <aschackmull@github.com>
Date: Fri, 19 Apr 2024 15:41:35 +0200
Subject: [PATCH] Java: Fix join-order.

The TC was being fully materialised but all we need is unary
reachability.
---
 java/ql/lib/semmle/code/java/os/OSCheck.qll | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/java/ql/lib/semmle/code/java/os/OSCheck.qll b/java/ql/lib/semmle/code/java/os/OSCheck.qll
index 19dd15b0b894..e3b3e56f72ce 100644
--- a/java/ql/lib/semmle/code/java/os/OSCheck.qll
+++ b/java/ql/lib/semmle/code/java/os/OSCheck.qll
@@ -37,11 +37,17 @@ abstract class IsUnixGuard extends Guard { }
  */
 abstract class IsSpecificUnixVariant extends Guard { }
 
+private DataFlow::Node osNameFlow() {
+  result.asExpr() = getSystemProperty("os.name")
+  or
+  TaintTracking::localTaintStep(osNameFlow(), result)
+}
+
 /**
  * Holds when `ma` compares the current OS against the string constant `osString`.
  */
 private predicate isOsFromSystemProp(MethodCall ma, string osString) {
-  TaintTracking::localExprTaint(getSystemProperty("os.name"), ma.getQualifier()) and // Call from System.getProperty (or equivalent) to some partial match method
+  osNameFlow().asExpr() = ma.getQualifier() and // Call from System.getProperty (or equivalent) to some partial match method
   exists(StringPartialMatchMethod m, CompileTimeConstantExpr matchedStringConstant |
     m = ma.getMethod() and
     matchedStringConstant.getStringValue().toLowerCase() = osString