Go: Adapt to changes in FlowSummaryImpl

hvitved · hvitved · commit 81c6b77daefd · 2025-12-17T20:25:30.000+01:00
diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
@@ -415,44 +415,23 @@ predicate sinkNode(DataFlow::Node node, string kind) { sinkNode(node, kind, _) }
 
 // adapter class for converting Mad summaries to `SummarizedCallable`s
 private class SummarizedCallableAdapter extends Public::SummarizedCallable {
-  SummarizedCallableAdapter() { summaryElement(this, _, _, _, _, _) }
+  string input_;
+  string output_;
+  string kind;
+  Public::Provenance p_;
+  string model_;
 
-  private predicate relevantSummaryElementManual(
-    string input, string output, string kind, string model
-  ) {
-    exists(Public::Provenance provenance |
-      summaryElement(this, input, output, kind, provenance, model) and
-      provenance.isManual()
-    )
-  }
-
-  private predicate relevantSummaryElementGenerated(
-    string input, string output, string kind, string model
-  ) {
-    exists(Public::Provenance provenance |
-      summaryElement(this, input, output, kind, provenance, model) and
-      provenance.isGenerated()
-    ) and
-    not exists(Public::Provenance provenance |
-      neutralElement(this, "summary", provenance) and
-      provenance.isManual()
-    )
-  }
+  SummarizedCallableAdapter() { summaryElement(this, input_, output_, kind, p_, model_) }
 
   override predicate propagatesFlow(
-    string input, string output, boolean preservesValue, string model
+    string input, string output, boolean preservesValue, Public::Provenance p, boolean isExact,
+    string model
   ) {
-    exists(string kind |
-      this.relevantSummaryElementManual(input, output, kind, model)
-      or
-      not this.relevantSummaryElementManual(_, _, _, _) and
-      this.relevantSummaryElementGenerated(input, output, kind, model)
-    |
-      if kind = "value" then preservesValue = true else preservesValue = false
-    )
-  }
-
-  override predicate hasProvenance(Public::Provenance provenance) {
-    summaryElement(this, _, _, _, provenance, _)
+    input = input_ and
+    output = output_ and
+    (if kind = "value" then preservesValue = true else preservesValue = false) and
+    p = p_ and
+    isExact = true and
+    model = model_
   }
 }
diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll
@@ -157,7 +157,7 @@ module NetHttp {
       |
         this = call.getASyntacticArgument() and
         callable = call.getACalleeIncludingExternals() and
-        callable.propagatesFlow(input, output, _, _)
+        callable.propagatesFlow(input, output, _, _, _, _)
       |
         // A modeled function conveying taint from some input to the response writer,
         // e.g. `io.Copy(responseWriter, someTaintedReader)`

Original file line number	Diff line number	Diff line change
`@@ -157,7 +157,7 @@ module NetHttp {`
`157`	`157`	`\|`
`158`	`158`	`this = call.getASyntacticArgument() and`
`159`	`159`	`callable = call.getACalleeIncludingExternals() and`
`160`		`- callable.propagatesFlow(input, output, _, _)`
	`160`	`+ callable.propagatesFlow(input, output, _, _, _, _)`
`161`	`161`	`\|`
`162`	`162`	`// A modeled function conveying taint from some input to the response writer,`
`163`	`163`	// e.g. `io.Copy(responseWriter, someTaintedReader)`