hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Ignore char array based closeables for CloseReader.ql and CloseWriter.ql

Browse Source
This commit is contained in:
Marcono1234
2021-05-10 18:33:07 +02:00
parent 5016c6436a
commit 2e098f050e
4 changed files with 6 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Likely Bugs/Resource Leaks/CloseReader.qhelp
View File

@@ -14,7 +14,7 @@ but not closed may cause a resource leak.
<p>Ensure that the resource is always closed to avoid a resource leak. Note that, because of exceptions,
it is safest to close a resource in a <code>finally</code> block. (However, this is unnecessary for
subclasses of <code>StringReader</code> and <code>ByteArrayInputStream</code>.)
subclasses of <code>CharArrayReader</code>, <code>StringReader</code> and <code>ByteArrayInputStream</code>.)
</p>
<p>For Java 7 or later, the recommended way to close resources that implement <code>java.lang.AutoCloseable</code>

7
java/ql/src/Likely Bugs/Resource Leaks/CloseReader.ql
View File

@@ -17,17 +17,14 @@ import CloseType
predicate readerType(RefType t) {
exists(RefType sup | sup = t.getASupertype*() |
sup.hasName("Reader") or
sup.hasName("InputStream") or
sup.hasName(["Reader", "InputStream"]) or
sup.hasQualifiedName("java.util.zip", "ZipFile")
)
}
predicate safeReaderType(RefType t) {
exists(RefType sup | sup = t.getASupertype*() |
sup.hasName("StringReader") or
sup.hasName("ByteArrayInputStream") or
sup.hasName("StringInputStream")
sup.hasName(["CharArrayReader", "StringReader", "ByteArrayInputStream"])
)
}

2
java/ql/src/Likely Bugs/Resource Leaks/CloseWriter.qhelp
View File

@@ -14,7 +14,7 @@ but not properly closed later may cause a resource leak.
<p>Ensure that the resource is always closed to avoid a resource leak. Note that, because of exceptions,
it is safest to close a resource properly in a <code>finally</code> block. (However, this is unnecessary for
subclasses of <code>StringWriter</code> and <code>ByteArrayOutputStream</code>.)</p>
subclasses of <code>CharArrayWriter</code>, <code>StringWriter</code> and <code>ByteArrayOutputStream</code>.)</p>
<p>For Java 7 or later, the recommended way to close resources that implement <code>java.lang.AutoCloseable</code>
is to declare them within a <code>try-with-resources</code> statement, so that they are closed implicitly.</p>

8
java/ql/src/Likely Bugs/Resource Leaks/CloseWriter.ql
View File

@@ -16,16 +16,12 @@
import CloseType
predicate writerType(RefType t) {
exists(RefType sup | sup = t.getASupertype*() |
sup.hasName("Writer") or
sup.hasName("OutputStream")
)
exists(RefType sup | sup = t.getASupertype*() | sup.hasName(["Writer", "OutputStream"]))
}
predicate safeWriterType(RefType t) {
exists(RefType sup | sup = t.getASupertype*() |
sup.hasName("StringWriter") or
sup.hasName("ByteArrayOutputStream")
sup.hasName(["CharArrayWriter", "StringWriter", "ByteArrayOutputStream"])
)
}