C#: Fix false positives in cs/unchecked-return-value

2025-12-16 16:53:25 +01:00 · 2019-07-29 17:32:21 -07:00
parent b6f3f7866b
commit 5c127ef20d
4 changed files with 11 additions and 3 deletions
--- a/change-notes/1.22/analysis-csharp.md
+++ b/change-notes/1.22/analysis-csharp.md
@@ -24,6 +24,7 @@
 | Number of commits | No results | Query has been removed. |
 | Poorly documented files with many authors | No results | Query has been removed. |
 | Recent activity | No results | Query has been removed. |
+| Unchecked return value (`cs/unchecked-return-value`) | Fewer false positive results | Method calls that are expression bodies of `void` callables (for example, the call to `Foo` in `void Bar() => Foo()`) are no longer considered to use the return value. |

 ## Changes to code extraction

--- a/Abuse/UncheckedReturnValue.ql
+++ b/Abuse/UncheckedReturnValue.ql
@@ -89,7 +89,14 @@ predicate whitelist(Method m) {
 }

 class DiscardedMethodCall extends MethodCall {
-  DiscardedMethodCall() { this.getParent() instanceof ExprStmt }
+  DiscardedMethodCall() {
+    this.getParent() instanceof ExprStmt
+    or
+    exists(Callable c |
+      this = c.getExpressionBody() and
+      not c.canReturn(this)
+    )
+  }

  string query() {
    exists(Method m |
--- a/csharp/ql/src/semmle/code/csharp/Callable.qll
+++ b/csharp/ql/src/semmle/code/csharp/Callable.qll
@@ -209,7 +209,8 @@ class Callable extends DotNet::Callable, Parameterizable, ExprOrStmtParent, @cal
  override predicate canReturn(DotNet::Expr e) {
    exists(ReturnStmt ret | ret.getEnclosingCallable() = this | e = ret.getExpr())
    or
-    e = getExpressionBody()
+    e = this.getExpressionBody() and
+    not this.getReturnType() instanceof VoidType
  }

  /** Holds if this callable can yield return the expression `e`. */
--- a/Abuse/UncheckedReturnValue/UncheckedReturnValue.expected
+++ b/Abuse/UncheckedReturnValue/UncheckedReturnValue.expected
@@ -4,6 +4,5 @@
 | UncheckedReturnValue.cs:109:9:109:17 | call to method M1 | Result of call to 'M1' is ignored, but 90% of calls to this method have their result used. |
 | UncheckedReturnValue.cs:130:9:130:21 | call to method M2 | Result of call to 'M2' is ignored, but 90% of calls to this method have their result used. |
 | UncheckedReturnValue.cs:142:9:142:20 | call to method M3 | Result of call to 'M3' is ignored, but 90% of calls to this method have their result used. |
-| UncheckedReturnValue.cs:169:9:169:12 | call to method M1 | Result of call to 'M1' is ignored, but 90% of calls to this method have their result used. |
 | UncheckedReturnValueBad.cs:29:9:29:20 | call to method DoPrint | Result of call to 'DoPrint' is ignored, but 90% of calls to this method have their result used. |
 | UncheckedReturnValueBad.cs:36:13:36:40 | call to method Read | Result of call to 'Read' is ignored, but should always be checked. |