codeql icon indicating copy to clipboard operation
codeql copied to clipboard

Published 20 hours ago verified publisher icon github

QL: add restrictive transitive closure query

Open erik-krogh opened this issue 3 years ago • 1 comments
trafficstars

Identifies the mistake fixed in this PR: https://github.com/github/codeql/pull/8380

Basically, a transitive closure might restrict the type when you do zero steps through it, which might not be intentional.
I think the results found by the query are benign (except for the one already fixed, and the one in the experimental query).

erik-krogh avatar Mar 11 '22 20:03 erik-krogh

Out of interest, is there a "canonical" fix for the case where you don't want the type to be restricted?

The fix I went for was to replace: stepPred*(x) with [x, stepPred+(x)].
That fix should work in all cases.

erik-krogh avatar Aug 09 '22 19:08 erik-krogh