tainting: Fix --pro-intrafile confusing param with function (semgrep/…

…semgrep-proprietary#1792) Due to Naming_AST limitations (top-level functions typically do not get resolved), we ignore the "sid" when matching function names for inter-proc analysis in `--pro-intrafile`. Problem is that we also ignored the `id_resolved` in its entirety, and if e.g. this is set to `LocalVar` or `Param` then that name cannot correspond to a function. This could lead to a parameter being confused as a function definition with the same name: def foo taint end def bar(foo) sink(foo) # this `foo` is the parameter not the function above ! end Closes CODE-6923 test plan: make test # one new test synced from Pro ca178a77ca44c1fff2105e9d27bd602df1c269b7
semgrep · Jul 9, 2024 · e026171 · e026171
1 parent bde052c
commit e026171
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/changelog.d/code-6923.fixed b/changelog.d/code-6923.fixed
@@ -0,0 +1,10 @@
+tainting: Fixed bug in `--pro-intrafile` that caused Semgrep to confuse a parameter
+with a top-level function with no arguments that happened to have the same name:
+
+    def foo
+      taint
+    end
+
+    def bar(foo)
+      sink(foo) # no more FP here
+    end