wip

Author: hvitved

csharp/ql/lib/semmle/code/csharp/Assignable.qll

@@ -204,7 +204,7 @@ private class RefArg extends AssignableAccess {
   AssignableDefinition getAnAnalyzableRefDef(Parameter p) {
     this.isAnalyzable(p) and
     result.getTarget() = p and
-    not result = TImplicitParameterDefinition(_, _)
+    not result = TImplicitParameterDefinition(_)
   }
 
   /**
@@ -272,10 +272,7 @@ module AssignableInternal {
     or
     def = TAssignOperationDefinition(result)
     or
-    exists(Parameter p |
-      def = TImplicitParameterDefinition(p, true) and
-      result = p.getDefaultValue()
-    )
+    def = TParameterDefaultDefinition(_, result)
   }
 
   /** A local variable declaration at the top-level of a pattern. */
@@ -309,20 +306,21 @@ module AssignableInternal {
         not lvde instanceof TopLevelPatternDecl and
         not lvde.isOutArgument()
       } or
-      TImplicitParameterDefinition(Parameter p, boolean isDefault) {
+      TImplicitParameterDefinition(Parameter p) {
         exists(Callable c | p = c.getAParameter() |
           c.hasBody()
           or
-          // Same as `c.(Constructor).hasInitializer()`, but avoids negative recursion warning
-          c.getAChildExpr() instanceof @constructor_init_expr
-        ) and
-        (
-          isDefault = false
-          or
-          p.hasDefaultValue() and
-          isDefault = true
+          c.(Constructor).hasInitializer()
         )
       } or
+      TParameterDefaultDefinition(Parameter p, Expr default) {
+        exists(Callable c | p = c.getAParameter() |
+          c.hasBody()
+          or
+          c.(Constructor).hasInitializer()
+        ) and
+        default = p.getDefaultValue()
+      } or
       TAddressOfDefinition(AddressOfExpr aoe) or
       TPatternDefinition(TopLevelPatternDecl tlpd) or
       TAssignOperationDefinition(AssignOperation ao) {
@@ -361,7 +359,7 @@ module AssignableInternal {
       or
       def = any(AssignableDefinitions::InitializerDefinition init | result = init.getAssignable())
       or
-      def = TImplicitParameterDefinition(result, _)
+      def = TParameterDefaultDefinition(result, _)
     }
 
     // Not defined by dispatch in order to avoid too conservative negative recursion error
@@ -681,7 +679,7 @@ module AssignableDefinitions {
   class ImplicitParameterDefinition extends AssignableDefinition, TImplicitParameterDefinition {
     Parameter p;
 
-    ImplicitParameterDefinition() { this = TImplicitParameterDefinition(p, false) }
+    ImplicitParameterDefinition() { this = TImplicitParameterDefinition(p) }
 
     /** Gets the underlying parameter. */
     Parameter getParameter() { result = p }
@@ -702,26 +700,27 @@ module AssignableDefinitions {
   /**
    * A default value assigned to a parameter.
    */
-  class ParameterDefaultDefinition extends AssignableDefinition, TImplicitParameterDefinition {
+  class ParameterDefaultDefinition extends AssignableDefinition, TParameterDefaultDefinition {
     Parameter p;
+    Expr default;
 
-    ParameterDefaultDefinition() { this = TImplicitParameterDefinition(p, true) }
+    ParameterDefaultDefinition() { this = TParameterDefaultDefinition(p, default) }
 
     /** Gets the underlying parameter. */
     Parameter getParameter() { result = p }
 
     /** Gets the default value expression for the parameter. */
-    Expr getDefaultValue() { result = p.getDefaultValue() }
+    Expr getDefaultValue() { result = default }
 
-    override Expr getSource() { result = p.getDefaultValue() }
+    override Expr getSource() { result = default }
 
-    override Expr getElement() { result = p.getDefaultValue() }
+    override Expr getElement() { result = default }
 
     override Callable getEnclosingCallable() { result = p.getCallable() }
 
     override string toString() { result = p.toString() + " = ..." }
 
-    override Location getLocation() { result = p.getDefaultValue().getLocation() }
+    override Location getLocation() { result = default.getLocation() }
   }
 
   /**

csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll

@@ -73,16 +73,19 @@ private module Ast implements AstSig<Location> {
   private AstNode getParent(AstNode n) { n = getChild(result, _) }
 
   Callable getEnclosingCallable(AstNode node) {
-    result = node.(ControlFlowElement).getEnclosingCallable()
-    or
-    result.(ObjectInitMethod).initializes(getParent*(node))
-    or
-    Initializers::staticMemberInitializer(result, getParent*(node))
-    or
-    result = node.(Parameter).getCallable()
-    or
-    not skipControlFlow(node) and
-    getParent*(node) = any(Parameter p | result = p.getCallable()).getDefaultValue()
+    result.isUnboundDeclaration() and
+    (
+      result = node.(ControlFlowElement).getEnclosingCallable()
+      or
+      result.(ObjectInitMethod).initializes(getParent*(node))
+      or
+      Initializers::staticMemberInitializer(result, getParent*(node))
+      or
+      result = node.(Parameter).getCallable()
+      or
+      not skipControlFlow(node) and
+      getParent*(node) = any(Parameter p | result = p.getCallable()).getDefaultValue()
+    )
   }
 
   class Callable = CS::Callable;