From edef2fa868357737246b6403768b3dcc89e52c99 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen
Date: Fri, 12 Jan 2024 16:57:08 +0000
Subject: [PATCH] C++: Robustify the IR by ensuring that a write side effect never has more than 10 types.
---
 .../ir/implementation/raw/internal/TranslatedCall.qll | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
index 7079354f098c..1b9bf1e44480 100644
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
@@ -577,7 +577,16 @@ class TranslatedStructorQualifierSideEffect extends TranslatedArgumentSideEffect
 /** DEPRECATED: Alias for getAst */
 deprecated override Locatable getAST() { result = this.getAst() }
- final override Type getIndirectionType() { result = call.getTarget().getDeclaringType() }
+ private Type getIndirectionType0() { result = call.getTarget().getDeclaringType() }
+
+ final override Type getIndirectionType() {
+ result = this.getIndirectionType0() and
+ // Ideally, each function should only belong to one class, but we've seen
+ // functions that belong to thousands of declaring classes. That
+ // causes a problem for later analyses (in particular, the aliased SSA
+ // analysis).
+ strictcount(this.getIndirectionType0()) < 10
+ }
 final override string getArgString() { result = "this" }
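Review bot: The bound in `getIndirectionType()` is `strictcount(this.getIndirectionType0()) < 10`, which admits at most 9 declaring types, while the commit subject says "never has more than 10"; either use `<= 10` or reword the subject so the limit is unambiguous. The new comment explains why the cap exists but not what happens when it is hit: the predicate then has no result at all, so, as far as this hunk shows, the qualifier side effect loses its indirection type rather than keeping a subset, and analyses built on the IR may silently miss writes through `this` for those calls. I would state that in the comment, e.g. `// When there are 10 or more declaring types this predicate deliberately has no result.`, and consider naming the threshold instead of a bare `10`. The enclosing class starts and ends outside the hunk, so how consumers handle a missing indirection type is not visible here.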