hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Avoid using global vars in documentation examples

Browse Source
This commit is contained in:
Asger F
2023-05-17 10:47:25 +02:00
parent 867bdcf74d
commit 9ec6c7daea
1 changed files with 17 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst
View File

@@ -70,18 +70,22 @@ For example, we would like to flag this code:
.. code-block:: javascript
var data = JSON.parse(str);
if (data.length > 0) { // problematic: `data` may be `null`
...
function test(str) {
var data = JSON.parse(str);
if (data.length > 0) { // problematic: `data` may be `null`
...
}
}
This code, on the other hand, should not be flagged:
.. code-block:: javascript
var data = JSON.parse(str);
if (data && data.length > 0) { // unproblematic: `data` is first checked for nullness
...
function test(str) {
var data = JSON.parse(str);
if (data && data.length > 0) { // unproblematic: `data` is first checked for nullness
...
}
}
We will first try to write a query to find this kind of problem without flow labels, and use the
@@ -168,11 +172,13 @@ checked for null-guardedness:
.. code-block:: javascript
var root = JSON.parse(str);
if (root) {
var payload = root.data; // unproblematic: `root` cannot be `null` here
if (payload.length > 0) { // problematic: `payload` may be `null` here
...
function test(str) {
var root = JSON.parse(str);
if (root) {
var payload = root.data; // unproblematic: `root` cannot be `null` here
if (payload.length > 0) { // problematic: `payload` may be `null` here
...
}
}
}