Move useful helper predicate and types from RangeAnalysis to RangeUtils.

criemen · criemen · commit 55cd0fac5c7c · 2020-04-29T12:55:54.000+02:00
diff --git a/cpp/ql/src/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll b/cpp/ql/src/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll
@@ -241,38 +241,6 @@ class CondReason extends Reason, TCondReason {
   override string toString() { result = getCond().toString() }
 }
 
-/**
- * Holds if a cast from `fromtyp` to `totyp` can be ignored for the purpose of
- * range analysis.
- */
-pragma[inline]
-private predicate safeCast(IntegralType fromtyp, IntegralType totyp) {
-  fromtyp.getSize() < totyp.getSize() and
-  (
-    fromtyp.isUnsigned()
-    or
-    totyp.isSigned()
-  )
-  or
-  fromtyp.getSize() <= totyp.getSize() and
-  (
-    fromtyp.isSigned() and
-    totyp.isSigned()
-    or
-    fromtyp.isUnsigned() and
-    totyp.isUnsigned()
-  )
-}
-
-private class SafeCastInstruction extends ConvertInstruction {
-  SafeCastInstruction() {
-    safeCast(getUnary().getResultType(), getResultType())
-    or
-    getResultType() instanceof PointerType and
-    getUnary().getResultType() instanceof PointerType
-  }
-}
-
 /**
  * Holds if `typ` is a small integral type with the given lower and upper bounds.
  */
diff --git a/cpp/ql/src/semmle/code/cpp/rangeanalysis/RangeUtils.qll b/cpp/ql/src/semmle/code/cpp/rangeanalysis/RangeUtils.qll
@@ -80,3 +80,44 @@ predicate backEdge(PhiInstruction phi, PhiInputOperand op) {
   phi.getAnOperand() = op and
   phi.getBlock() = op.getPredecessorBlock().getBackEdgeSuccessor(_)
 }
+
+/**
+ * Holds if a cast from `fromtyp` to `totyp` can be ignored for the purpose of
+ * range analysis.
+ */
+pragma[inline]
+private predicate safeCast(IntegralType fromtyp, IntegralType totyp) {
+  fromtyp.getSize() < totyp.getSize() and
+  (
+    fromtyp.isUnsigned()
+    or
+    totyp.isSigned()
+  )
+  or
+  fromtyp.getSize() <= totyp.getSize() and
+  (
+    fromtyp.isSigned() and
+    totyp.isSigned()
+    or
+    fromtyp.isUnsigned() and
+    totyp.isUnsigned()
+  )
+}
+
+class PtrToPtrCastInstruction extends ConvertInstruction {
+  PtrToPtrCastInstruction() {
+    getResultType() instanceof PointerType and
+    getUnary().getResultType() instanceof PointerType
+  }
+}
+
+class SafeIntCastInstruction extends ConvertInstruction {
+  SafeIntCastInstruction() { safeCast(getUnary().getResultType(), getResultType()) }
+}
+
+class SafeCastInstruction extends ConvertInstruction {
+  SafeCastInstruction() {
+    this instanceof PtrToPtrCastInstruction or
+    this instanceof SafeIntCastInstruction
+  }
+}
