Merge pull request #11 from anaarmas/reorder

kevinbackhouse · web-flow · commit 375dd02ba1bc · 2019-09-12T16:35:39.000+01:00
reorder query lines in libssh2_eating_error_codes
diff --git a/ql_demos/cpp/libssh2_eating_error_codes/01_error_codes_call.ql b/ql_demos/cpp/libssh2_eating_error_codes/01_error_codes_call.ql
@@ -6,9 +6,8 @@ import cpp
 
 // Extend the previous query to also find calls to functions that sometimes
 // return a negative integer constant.
-from Function f, FunctionCall call, ReturnStmt ret
+from FunctionCall call, ReturnStmt ret
 where
-  call.getTarget() = f and
-  ret.getEnclosingFunction() = f and
-  ret.getExpr().getValue().toInt() < 0
+  ret.getExpr().getValue().toInt() < 0 and
+  call.getTarget() = ret.getEnclosingFunction()
 select ret, call
diff --git a/ql_demos/cpp/libssh2_eating_error_codes/02_eating_error_codes.ql b/ql_demos/cpp/libssh2_eating_error_codes/02_eating_error_codes.ql
@@ -6,10 +6,9 @@ import cpp
 
 // Look for calls that are cast to unsigned, which means that the error
 // code might be accidentally ignored.
-from Function f, FunctionCall call, ReturnStmt ret
+from FunctionCall call, ReturnStmt ret
 where
-  call.getTarget() = f and
-  ret.getEnclosingFunction() = f and
   ret.getExpr().getValue().toInt() < 0 and
+  call.getTarget() = ret.getEnclosingFunction() and
   call.getFullyConverted().getType().getUnderlyingType().(IntegralType).isUnsigned()
 select call, ret
diff --git a/ql_demos/cpp/libssh2_eating_error_codes/03_eating_error_codes_localflow.ql b/ql_demos/cpp/libssh2_eating_error_codes/03_eating_error_codes_localflow.ql
@@ -14,11 +14,11 @@ import semmle.code.cpp.dataflow.DataFlow
 //
 // In this query, we add local dataflow so that we can also handle such
 // cases.
-from Function f, FunctionCall call, ReturnStmt ret, DataFlow::Node source, DataFlow::Node sink
-where call.getTarget() = f
-and ret.getEnclosingFunction() = f
-and ret.getExpr().getValue().toInt() < 0
-and source.asExpr() = call
-and DataFlow::localFlow(source, sink)
-and sink.asExpr().getFullyConverted().getType().getUnderlyingType().(IntegralType).isUnsigned()
+from FunctionCall call, ReturnStmt ret, DataFlow::Node source, DataFlow::Node sink
+where
+  ret.getExpr().getValue().toInt() < 0 and
+  call.getTarget() = ret.getEnclosingFunction() and
+  source.asExpr() = call and
+  DataFlow::localFlow(source, sink) and
+  sink.asExpr().getFullyConverted().getType().getUnderlyingType().(IntegralType).isUnsigned()
 select source, sink
diff --git a/ql_demos/cpp/libssh2_eating_error_codes/04_eating_error_codes_localflow_rangeanalysis.ql b/ql_demos/cpp/libssh2_eating_error_codes/04_eating_error_codes_localflow_rangeanalysis.ql
@@ -18,11 +18,10 @@ import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
 //   int r = f();
 //   if (r < 0) return -1;
 //   unsigned int x = r;
-from Function f, FunctionCall call, ReturnStmt ret, DataFlow::Node source, DataFlow::Node sink
+from FunctionCall call, ReturnStmt ret, DataFlow::Node source, DataFlow::Node sink
 where
-  call.getTarget() = f and
-  ret.getEnclosingFunction() = f and
   ret.getExpr().getValue().toInt() < 0 and
+  call.getTarget() = ret.getEnclosingFunction() and
   source.asExpr() = call and
   DataFlow::localFlow(source, sink) and
   sink.asExpr().getFullyConverted().getType().getUnderlyingType().(IntegralType).isUnsigned() and
