Merge pull request #2078 from taus-semmle/python-unreachable-suppressed

Python: Teach `py/unreachable-statement` about `contextlib.suppress`.

python/ql/src/Statements/UnreachableCode.ql

@@ -31,9 +31,18 @@ predicate unique_yield(Stmt s) {
     )
 }
 
+/** Holds if `contextlib.suppress` may be used in the same scope as `s` */
+predicate suppression_in_scope(Stmt s) {
+    exists(With w |
+        w.getContextExpr().(Call).getFunc().pointsTo(Value::named("contextlib.suppress")) and
+        w.getScope() = s.getScope()
+    )
+}
+
 predicate reportable_unreachable(Stmt s) {
     s.isUnreachable() and
     not typing_import(s) and
+    not suppression_in_scope(s) and
     not exists(Stmt other | other.isUnreachable() |
         other.contains(s)
         or

python/ql/test/3/query-tests/Statements/unreachable_suppressed/UnreachableCode.qlref

@@ -0,0 +1 @@
+Statements/UnreachableCode.ql

python/ql/test/3/query-tests/Statements/unreachable_suppressed/test.py

@@ -0,0 +1,39 @@
+from contextlib import suppress
+
+def raises_exception():
+    raise Exception("This will be suppressed")
+
+def foo():
+    test = False
+    with suppress(Exception):
+        raises_exception()
+        test = True
+    if test:
+        return
+    print("An exception was raised") # FP: not reached
+
+foo()
+
+def bar(x):
+    test = False
+    try:
+        if x:
+            raise Exception("Bar")
+        test = True
+    except Exception:
+        pass
+    if test:
+        print("Test was set")
+        return
+    print("Test was not set")
+
+bar(True)
+bar(False)
+
+# False negative
+
+def fn_suppression():
+    with suppress(Exception):
+        raise Exception()
+    return False
+    return True