Binary: Only emit an external ref instruction when the call is external.

Author: MathiasVP

binary/ql/lib/semmle/code/binary/ast/internal/CilInstructions.qll

@@ -68,6 +68,10 @@ class CilMethod extends @method {
     result.getIndex() = i
   }
 
+  string getFullyQualifiedName() {
+    result = this.getDeclaringType().getFullName() + "." + this.getName()
+  }
+
   CilParameter getParameter(int i) {
     result.getMethod() = this and
     result.getIndex() = i
@@ -363,7 +367,7 @@ abstract class CilCall extends CilInstruction {
 
   final predicate hasReturnValue() { il_call_has_return_value(this) }
 
-  string getExternalName() { il_call_target_unresolved(this, result) }
+  CilMethod getTarget() { result.getFullyQualifiedName() = this.getExternalName() }
 }
 
 class CilIl_jmp extends @il_il_jmp, CilCall { }

binary/ql/lib/semmle/code/binary/ast/ir/internal/Instruction0/TranslatedInstruction.qll

@@ -2132,6 +2132,7 @@ class TranslatedCilCall extends TranslatedCilInstruction, TTranslatedCilCall {
     then v.asSome() = this.getTempVariable(CallReturnValueTag())
     else v.isNone()
     or
+    not exists(instr.getTarget()) and
     opcode instanceof Opcode::ExternalRef and
     tag = CilCallTargetTag() and
     v.asSome() = this.getTempVariable(CilCallTargetVarTag())
@@ -2141,6 +2142,7 @@ class TranslatedCilCall extends TranslatedCilInstruction, TTranslatedCilCall {
     instr.hasReturnValue() and
     tag = CallReturnValueTag()
     or
+    not exists(instr.getTarget()) and
     tag = CilCallTargetVarTag()
   }
 
@@ -2154,19 +2156,23 @@ class TranslatedCilCall extends TranslatedCilInstruction, TTranslatedCilCall {
         getTranslatedCilInstruction(instr.getABackwardPredecessor()).getStackElement(index) = result
       )
       or
+      not exists(instr.getTarget()) and
       operandTag instanceof CallTargetTag and
       result = this.getInstruction(CilCallTargetTag()).getResultVariable()
     )
   }
 
   override string getExternalName(InstructionTag tag) {
+    // TODO: Only when external
+    not exists(instr.getTarget()) and
     tag = CilCallTargetTag() and
     result = instr.getExternalName()
   }
 
   override Instruction getChildSuccessor(TranslatedElement child, SuccessorType succType) { none() }
 
   override Instruction getSuccessor(InstructionTag tag, SuccessorType succType) {
+    not exists(instr.getTarget()) and
     tag = CilCallTargetTag() and
     succType instanceof DirectSuccessor and
     result = this.getInstruction(CilCallTag())
@@ -2176,13 +2182,21 @@ class TranslatedCilCall extends TranslatedCilInstruction, TTranslatedCilCall {
     result = getTranslatedInstruction(instr.getASuccessor()).getEntry()
   }
 
-  override Instruction getEntry() { result = this.getInstruction(CilCallTargetTag()) }
+  override Instruction getEntry() {
+    not exists(instr.getTarget()) and
+    result = this.getInstruction(CilCallTargetTag())
+  }
 
   override Variable getResultVariable() {
     instr.hasReturnValue() and
     result = this.getTempVariable(CallReturnValueTag())
   }
 
+  override TranslatedFunction getStaticCallTarget(InstructionTag tag) {
+    tag = CilCallTag() and
+    result = getTranslatedFunction(instr.getTarget())
+  }
+
   final override Variable getStackElement(int i) {
     if instr.hasReturnValue()
     then