Address review comments

hvitved · hvitved · commit 57ce2ee7491c · 2025-12-08T13:27:36.000+01:00
diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
@@ -428,6 +428,9 @@ module RustDataFlow implements InputSig<Location> {
   private Function getStaticTargetExt(Call c) {
     result = c.getStaticTarget()
     or
+    // If the static target of an overloaded operation cannot be resolved, we fall
+    // back to the trait method as the target. This ensures that the flow models
+    // still apply.
     not exists(c.getStaticTarget()) and
     exists(TraitItemNode t, string methodName |
       c.(Operation).isOverloaded(t, methodName, _) and
diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll b/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll
@@ -554,6 +554,8 @@ newtype TNode =
     e.hasEnclosingCfgScope() and
     (
       isArgumentForCall(e, _, _) and
+      // For compound assignments into variables like `x += y`, we do not want flow into
+      // `[post] x`, as that would create spurious flow when `x` is a parameter.
       not (e = any(CompoundAssignmentExpr cae).getLhs() and e instanceof VariableAccess)
       or
       lambdaCallExpr(_, _, e)

Original file line number	Diff line number	Diff line change
`@@ -554,6 +554,8 @@ newtype TNode =`
`554`	`554`	`e.hasEnclosingCfgScope() and`
`555`	`555`	`(`
`556`	`556`	`isArgumentForCall(e, _, _) and`
	`557`	+ // For compound assignments into variables like `x += y`, we do not want flow into
	`558`	+ // `[post] x`, as that would create spurious flow when `x` is a parameter.
`557`	`559`	`not (e = any(CompoundAssignmentExpr cae).getLhs() and e instanceof VariableAccess)`
`558`	`560`	`or`
`559`	`561`	`lambdaCallExpr(_, _, e)`