diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll index 984c5ae2018a..284fff191ae5 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll @@ -2021,7 +2021,8 @@ module Impl { FlowCheckNode() { castNode(this.asNode()) or clearsContentCached(this.asNode(), _) or - expectsContentCached(this.asNode(), _) + expectsContentCached(this.asNode(), _) or + neverSkipInPathGraph(this.asNode()) } } diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll index 115989e3dea7..b380748fb3c0 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll @@ -235,6 +235,12 @@ class CastNode extends Node { CastNode() { none() } // stub implementation } +/** + * Holds if `n` should never be skipped over in the `PathGraph` and in path + * explanations. + */ +predicate neverSkipInPathGraph(Node n) { none() } + class DataFlowCallable = Function; class DataFlowExpr = Expr; diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll index 984c5ae2018a..284fff191ae5 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll @@ -2021,7 +2021,8 @@ module Impl { FlowCheckNode() { castNode(this.asNode()) or clearsContentCached(this.asNode(), _) or - expectsContentCached(this.asNode(), _) + expectsContentCached(this.asNode(), _) or + neverSkipInPathGraph(this.asNode()) } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll index 33ff6f747752..ef006bbff0a2 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll @@ -783,6 +783,12 @@ class CastNode extends Node { CastNode() { none() } // stub implementation } +/** + * Holds if `n` should never be skipped over in the `PathGraph` and in path + * explanations. + */ +predicate neverSkipInPathGraph(Node n) { none() } + /** * A function that may contain code or a variable that may contain itself. When * flow crosses from one _enclosing callable_ to another, the interprocedural diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll index 984c5ae2018a..284fff191ae5 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll @@ -2021,7 +2021,8 @@ module Impl { FlowCheckNode() { castNode(this.asNode()) or clearsContentCached(this.asNode(), _) or - expectsContentCached(this.asNode(), _) + expectsContentCached(this.asNode(), _) or + neverSkipInPathGraph(this.asNode()) } } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll index a3aed9f9097a..c8287255f4f7 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll @@ -2147,6 +2147,12 @@ class CastNode extends Node { } } +/** + * Holds if `n` should never be skipped over in the `PathGraph` and in path + * explanations. + */ +predicate neverSkipInPathGraph(Node n) { none() } + class DataFlowExpr = DotNet::Expr; /** Holds if `e` is an expression that always has the same Boolean value `val`. */ diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll index 984c5ae2018a..284fff191ae5 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll @@ -2021,7 +2021,8 @@ module Impl { FlowCheckNode() { castNode(this.asNode()) or clearsContentCached(this.asNode(), _) or - expectsContentCached(this.asNode(), _) + expectsContentCached(this.asNode(), _) or + neverSkipInPathGraph(this.asNode()) } } diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll index ee146fc2abad..277c92703e7b 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll @@ -228,6 +228,12 @@ class CastNode extends ExprNode { override ConversionExpr expr; } +/** + * Holds if `n` should never be skipped over in the `PathGraph` and in path + * explanations. + */ +predicate neverSkipInPathGraph(Node n) { none() } + class DataFlowExpr = Expr; private newtype TDataFlowType = diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll index 984c5ae2018a..284fff191ae5 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll @@ -2021,7 +2021,8 @@ module Impl { FlowCheckNode() { castNode(this.asNode()) or clearsContentCached(this.asNode(), _) or - expectsContentCached(this.asNode(), _) + expectsContentCached(this.asNode(), _) or + neverSkipInPathGraph(this.asNode()) } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll index ea393dad0bf4..216523023d91 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll @@ -242,6 +242,12 @@ class CastNode extends ExprNode { CastNode() { this.getExpr() instanceof CastingExpr } } +/** + * Holds if `n` should never be skipped over in the `PathGraph` and in path + * explanations. + */ +predicate neverSkipInPathGraph(Node n) { none() } + private newtype TDataFlowCallable = TSrcCallable(Callable c) or TSummarizedCallable(SummarizedCallable c) or diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll index 984c5ae2018a..284fff191ae5 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll @@ -2021,7 +2021,8 @@ module Impl { FlowCheckNode() { castNode(this.asNode()) or clearsContentCached(this.asNode(), _) or - expectsContentCached(this.asNode(), _) + expectsContentCached(this.asNode(), _) or + neverSkipInPathGraph(this.asNode()) } } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll index 7f907ca84e88..29504b6aa388 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll @@ -486,6 +486,14 @@ class DataFlowType extends TDataFlowType { /** A node that performs a type cast. */ class CastNode extends Node { + CastNode() { none() } +} + +/** + * Holds if `n` should never be skipped over in the `PathGraph` and in path + * explanations. + */ +predicate neverSkipInPathGraph(Node n) { // We include read- and store steps here to force them to be // shown in path explanations. // This hack is necessary, because we have included some of these @@ -494,7 +502,7 @@ class CastNode extends Node { // We should revert this once, we can remove this steps from the // default taint steps; this should be possible once we have // implemented flow summaries and recursive content. - CastNode() { readStep(_, _, this) or storeStep(_, _, this) } + readStep(_, _, n) or storeStep(_, _, n) } /** diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll index 984c5ae2018a..284fff191ae5 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll @@ -2021,7 +2021,8 @@ module Impl { FlowCheckNode() { castNode(this.asNode()) or clearsContentCached(this.asNode(), _) or - expectsContentCached(this.asNode(), _) + expectsContentCached(this.asNode(), _) or + neverSkipInPathGraph(this.asNode()) } } diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll index 0fb0bac04621..f8469e99a23a 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll @@ -1290,10 +1290,16 @@ private import PostUpdateNodes /** A node that performs a type cast. */ class CastNode extends Node { - CastNode() { - // ensure that all variable assignments are included in the path graph - this.(SsaDefinitionExtNode).getDefinitionExt() instanceof Ssa::WriteDefinition - } + CastNode() { none() } +} + +/** + * Holds if `n` should never be skipped over in the `PathGraph` and in path + * explanations. + */ +predicate neverSkipInPathGraph(Node n) { + // ensure that all variable assignments are included in the path graph + n.(SsaDefinitionExtNode).getDefinitionExt() instanceof Ssa::WriteDefinition } class DataFlowExpr = CfgNodes::ExprCfgNode; diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll index 984c5ae2018a..284fff191ae5 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll @@ -2021,7 +2021,8 @@ module Impl { FlowCheckNode() { castNode(this.asNode()) or clearsContentCached(this.asNode(), _) or - expectsContentCached(this.asNode(), _) + expectsContentCached(this.asNode(), _) or + neverSkipInPathGraph(this.asNode()) } } diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll index 02ae10b83afd..c0f01a67df3c 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll @@ -849,6 +849,12 @@ class CastNode extends Node { CastNode() { none() } } +/** + * Holds if `n` should never be skipped over in the `PathGraph` and in path + * explanations. + */ +predicate neverSkipInPathGraph(Node n) { none() } + class DataFlowExpr = Expr; class DataFlowParameter = ParamDecl;