From 2c9bee6208ec957d3400ba3dd66dc3a0d8af68c6 Mon Sep 17 00:00:00 2001
From: Simon Friis Vindum <simonfv@gmail.com>
Date: Tue, 19 Nov 2024 14:32:31 +0100
Subject: [PATCH] Rust: Only add data flow edge to SSA write definitions from
 their underlying CFG node

---
 .../rust/dataflow/internal/DataFlowImpl.qll    | 18 +++++++-----------
 .../dataflow/local/DataFlowStep.expected       |  1 -
 .../CONSISTENCY/DataFlowConsistency.expected   |  5 -----
 .../CONSISTENCY/DataFlowConsistency.expected   |  2 --
 4 files changed, 7 insertions(+), 19 deletions(-)
 delete mode 100644 rust/ql/test/library-tests/variables/CONSISTENCY/DataFlowConsistency.expected

diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
index d44002139363..c31ef9e81072 100644
--- a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
+++ b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
@@ -112,7 +112,7 @@ module Node {
   }
 
   /** A data flow node that corresponds to a CFG node for an AST node. */
-  abstract private class AstCfgFlowNode extends Node {
+  abstract class AstCfgFlowNode extends Node {
     AstCfgNode n;
 
     override CfgNode getCfgNode() { result = n }
@@ -283,9 +283,11 @@ module LocalFlow {
       nodeTo.getCfgNode().getAstNode() = s.getPat()
     )
     or
-    // An edge from a pattern to its corresponding SSA definition.
-    nodeFrom.(Node::PatNode).getPat() =
-      nodeTo.(Node::SsaNode).getDefinitionExt().getSourceVariable().getPat()
+    // An edge from a pattern/expression to its corresponding SSA definition.
+    nodeFrom.(Node::AstCfgFlowNode).getCfgNode() =
+      nodeTo.(Node::SsaNode).getDefinitionExt().(Ssa::WriteDefinition).getControlFlowNode()
+    or
+    SsaFlow::localFlowStep(_, nodeFrom, nodeTo, _)
   }
 }
 
@@ -400,11 +402,7 @@ module RustDataFlow implements InputSig<Location> {
    * are the value-preserving intra-callable flow steps.
    */
   predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo, string model) {
-    (
-      LocalFlow::localFlowStepCommon(nodeFrom, nodeTo)
-      or
-      SsaFlow::localFlowStep(_, nodeFrom, nodeTo, _)
-    ) and
+    LocalFlow::localFlowStepCommon(nodeFrom, nodeTo) and
     model = ""
   }
 
@@ -528,8 +526,6 @@ private module Cached {
   cached
   predicate localFlowStepImpl(Node::Node nodeFrom, Node::Node nodeTo) {
     LocalFlow::localFlowStepCommon(nodeFrom, nodeTo)
-    or
-    SsaFlow::localFlowStep(_, nodeFrom, nodeTo, _)
   }
 }
 
diff --git a/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected b/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
index b8a6f6b6201a..8cc12598f62b 100644
--- a/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
+++ b/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
@@ -43,7 +43,6 @@
 | main.rs:45:15:45:23 | CallExpr | main.rs:45:9:45:23 | BreakExpr |
 | main.rs:51:9:51:13 | [SSA] i | main.rs:52:10:52:10 | i |
 | main.rs:51:9:51:13 | i | main.rs:51:9:51:13 | [SSA] i |
-| main.rs:51:9:51:13 | i | main.rs:53:5:53:5 | [SSA] i |
 | main.rs:51:17:51:17 | 1 | main.rs:51:9:51:13 | i |
 | main.rs:53:5:53:5 | [SSA] i | main.rs:54:10:54:10 | i |
 | main.rs:53:5:53:5 | i | main.rs:53:5:53:5 | [SSA] i |
diff --git a/rust/ql/test/library-tests/variables/CONSISTENCY/DataFlowConsistency.expected b/rust/ql/test/library-tests/variables/CONSISTENCY/DataFlowConsistency.expected
deleted file mode 100644
index 1a8949ec25f9..000000000000
--- a/rust/ql/test/library-tests/variables/CONSISTENCY/DataFlowConsistency.expected
+++ /dev/null
@@ -1,5 +0,0 @@
-localFlowIsLocal
-| variables.rs:400:9:400:9 | x | variables.rs:402:15:404:5 | [SSA] <captured entry> x | Local flow step does not preserve enclosing callable. |
-| variables.rs:410:9:410:13 | x | variables.rs:412:20:414:5 | [SSA] <captured entry> x | Local flow step does not preserve enclosing callable. |
-| variables.rs:418:9:418:13 | y | variables.rs:421:9:421:9 | [SSA] y | Local flow step does not preserve enclosing callable. |
-| variables.rs:436:9:436:13 | i | variables.rs:438:9:438:9 | [SSA] i | Local flow step does not preserve enclosing callable. |
diff --git a/rust/ql/test/query-tests/unusedentities/CONSISTENCY/DataFlowConsistency.expected b/rust/ql/test/query-tests/unusedentities/CONSISTENCY/DataFlowConsistency.expected
index 47300d3b9fa9..0a61a151c204 100644
--- a/rust/ql/test/query-tests/unusedentities/CONSISTENCY/DataFlowConsistency.expected
+++ b/rust/ql/test/query-tests/unusedentities/CONSISTENCY/DataFlowConsistency.expected
@@ -3,5 +3,3 @@ uniqueEnclosingCallable
 | main.rs:198:28:198:28 | x | Node should have one enclosing callable but has 0. |
 | main.rs:202:28:202:28 | x | Node should have one enclosing callable but has 0. |
 | main.rs:206:28:206:28 | x | Node should have one enclosing callable but has 0. |
-localFlowIsLocal
-| main.rs:432:9:432:10 | i6 | main.rs:434:20:434:44 | [SSA] <captured entry> i6 | Local flow step does not preserve enclosing callable. |