Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add query to ensure predicates starting with 'get' return a value #18164

Merged
38 changes: 38 additions & 0 deletions ql/ql/src/queries/style/ValidatePredicateGetReturns.ql
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
/**
* @name Predicates starting with "get" or "as" should return a value
* @description Checks if predicates that start with "get" or "as" actually return a value.
* @kind problem
* @problem.severity warning
* @id ql/predicates-get-should-return-value
* @tags correctness
* maintainability
* @precision high
*/

import ql
import codeql_ql.ast.Ast

/**
* Identifies predicates whose names start with "get", "as" followed by an uppercase letter.
* This ensures that only predicates like "getValue" are matched, excluding names like "getter".
*/
predicate isGetPredicate(Predicate pred, string prefix) {
prefix = pred.getName().regexpCapture("(get|as)[A-Z].*", 1)
}

/**
* Checks if a predicate has a return type.
*/
predicate hasReturnType(Predicate pred) { exists(pred.getReturnTypeExpr()) }

/**
* Checks if a predicate is an alias using getAlias().
*/
predicate isAlias(Predicate pred) { exists(pred.(ClasslessPredicate).getAlias()) }

from Predicate pred, string prefix
where
isGetPredicate(pred, prefix) and
not hasReturnType(pred) and
not isAlias(pred)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we instead check that whatever it aliases has a return type?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that's a very reasonable extension of this query, but I don't mind merging as-is, hence approved.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this what you have had in mind 01b62ad ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, thanks for adding.

select pred, "This predicate starts with '" + prefix + "' but does not return a value."
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
| test.qll:4:11:4:18 | ClasslessPredicate getValue | This predicate starts with 'get' but does not return a value. |
| test.qll:25:11:25:28 | ClasslessPredicate getImplementation2 | This predicate starts with 'get' but does not return a value. |
| test.qll:31:11:31:17 | ClasslessPredicate asValue | This predicate starts with 'as' but does not return a value. |
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
queries/style/ValidatePredicateGetReturns.ql
42 changes: 42 additions & 0 deletions ql/ql/test/queries/style/ValidatePredicateGetReturns/test.qll
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
import ql

// NOT OK -- Predicate starts with "get" but does not return a value
predicate getValue() { none() }

// OK -- starts with get and returns a value
string getData() { result = "data" }

// OK -- starts with get but followed by a lowercase letter, probably should be ignored
predicate getterFunction() { none() }

// OK -- starts with get and returns a value
string getImplementation() { result = "implementation" }

// OK -- is an alias
predicate getAlias = getImplementation/0;

// OK -- Starts with "get" but followed by a lowercase letter, probably be ignored
predicate getvalue() { none() }

// OK -- Does not start with "get", should be ignored
predicate retrieveValue() { none() }

// NOT OK -- starts with get and does not return value
predicate getImplementation2() { none() }

// OK -- is an alias
predicate getAlias2 = getImplementation2/0;

// NOT OK -- starts with as and does not return value
predicate asValue() { none() }

// OK -- starts with as but followed by a lowercase letter, probably should be ignored
predicate assessment() { none() }

// OK -- starts with as and returns a value
string asString() { result = "string" }

// OK -- starts with get and returns a value
HiddenType getInjectableCompositeActionNode() {
exists(HiddenType hidden | result = hidden.toString())
}
Loading