Skip to content

Commit 2d78db0

Browse files
aschackmullaschackmull
committed
C#: Make a more principled fix in ConstantCondition.
1 parent e4daeec commit 2d78db0

File tree

2 files changed

+13
-8
lines changed

2 files changed

+13
-8
lines changed

csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -54,11 +54,6 @@ predicate constantGuard(
5454
Guards::Guards::Guard g, string msg, Guards::Guards::Guard reason, string reasonMsg
5555
) {
5656
ConstCondImpl::problems(g, msg, reason, reasonMsg) and
57-
// conditional qualified expressions sit at an akward place in the CFG, which
58-
// leads to FPs
59-
not g.(QualifiableExpr).getQualifier() = reason and
60-
// and if they're extension method calls, the syntactic qualifier is actually argument 0
61-
not g.(ExtensionMethodCall).getArgument(0) = reason and
6257
// if a logical connective is constant, one of its operands is constant, so
6358
// we report that instead
6459
not g instanceof LogicalNotExpr and

shared/controlflow/codeql/controlflow/queries/ConstantCondition.qll

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,15 @@ module Make<LocationSig Location, BB::CfgSig<Location> Cfg, InputSig<Cfg::BasicB
6969
private import Cfg
7070
private import Input
7171

72+
/**
73+
* Holds if the edge from `bb1` to `bb2` implies both that `def` evaluates
74+
* to `v` and that `g` evaluates to `gv`. The latter implication is also a
75+
* biimplication in most cases, except when `g` is a short-circuiting
76+
* side-effecting construct.
77+
*
78+
* Checking that `bb1` to `bb2` is a dominating edge is sufficient to ensure
79+
* that the biimplication holds.
80+
*/
7281
private predicate ssaControlsGuardEdge(
7382
SsaDefinition def, GuardValue v, Guard g, BasicBlock bb1, BasicBlock bb2, GuardValue gv
7483
) {
@@ -81,9 +90,10 @@ module Make<LocationSig Location, BB::CfgSig<Location> Cfg, InputSig<Cfg::BasicB
8190
private predicate impossibleValue(
8291
Guard g, GuardValue gv, SsaDefinition def, BasicBlock bb, GuardValue v2
8392
) {
84-
exists(GuardValue dual, GuardValue v1 |
85-
// If `g` in `bb` evaluates to `gv` then `def` has value `v1`,
86-
ssaControlsGuardEdge(def, v1, g, bb, _, gv) and
93+
exists(GuardValue dual, GuardValue v1, BasicBlock bb2 |
94+
// If `g` evaluates to `gv` and its branch edge `(bb, bb2)` is a dominating edge then `def` has value `v1`,
95+
ssaControlsGuardEdge(def, v1, g, bb, bb2, gv) and
96+
dominatingEdge(bb, bb2) and
8797
dual = gv.getDualValue() and
8898
not gv.isThrowsException() and
8999
not dual.isThrowsException() and

0 commit comments

Comments
 (0)