QL: QL: Respond to PR reviews.
committed by
GitHub
parent
f86a827bb6
commit
b4d710d58f
@@ -1,3 +1,5 @@
|
||||
private import codeql_ql.ast.internal.Type
|
||||
|
||||
predicate isBuiltinClassless(string sig) {
|
||||
sig =
|
||||
[
|
||||
@@ -58,3 +60,8 @@ predicate isBuiltinMember(string qual, string ret, string name, string args) {
|
||||
|
||||
bindingset[args]
|
||||
string getArgType(string args, int i) { result = args.splitAt(",", i).trim() }
|
||||
|
||||
/** The primitive 'string' class in QL. */
|
||||
class StringClass extends PrimitiveType {
|
||||
StringClass() { this.getName() = "string" }
|
||||
}
|
||||
|
||||
@@ -10,10 +10,7 @@
|
||||
|
||||
import ql
|
||||
import codeql_ql.ast.internal.Predicate
|
||||
|
||||
class StringClass extends PrimitiveType {
|
||||
StringClass() { this.getName() = "string" }
|
||||
}
|
||||
import codeql_ql.ast.internal.Builtins
|
||||
|
||||
class PrefixPredicate extends BuiltinPredicate {
|
||||
PrefixPredicate() { this = any(StringClass sc).getClassPredicate("prefix", 1) }
|
||||
@@ -35,15 +32,18 @@ class EqFormula extends ComparisonFormula {
|
||||
EqFormula() { this.getSymbol() = "=" }
|
||||
}
|
||||
|
||||
bindingset[s]
|
||||
string escape(string s) { result = s.replaceAll("_", "\\\\_").replaceAll("%", "\\\\%") }
|
||||
|
||||
pragma[inline]
|
||||
string getMessage(Call call, String literal) {
|
||||
call instanceof PrefixPredicateCall and result = ".matches(\"" + literal.getValue() + "%\")"
|
||||
call instanceof PrefixPredicateCall and
|
||||
result = ".matches(\"" + escape(literal.getValue()) + "%\")"
|
||||
or
|
||||
call instanceof SuffixPredicateCall and result = ".matches(\"%" + literal.getValue() + "\")"
|
||||
call instanceof SuffixPredicateCall and
|
||||
result = ".matches(\"%" + escape(literal.getValue()) + "\")"
|
||||
}
|
||||
|
||||
from EqFormula eq, PrefixPredicateCall call, String literal
|
||||
where eq.getAnOperand() = call and eq.getAnOperand() = literal
|
||||
select eq,
|
||||
"Use " + getMessage(call, literal) + " instead (but be sure to escape " + literal.getValue() +
|
||||
")."
|
||||
select eq, "Use " + getMessage(call, literal) + " instead."
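Review bot: `escape` rewrites only `_` and `%`, so a literal that contains a backslash or a double quote still goes into the suggested `.matches("...")` text unchanged. The `\\_` output implies that backslash is the escape character for `matches` patterns; if so, the suggested pattern would no longer match the same strings as the original prefix/suffix comparison, and an embedded quote would make the snippet invalid QL. Escaping the backslash first would cover this, e.g. starting the chain with `s.replaceAll("\\", "\\\\\\\\")` before the `_` and `%` replacements, and handling `"` in the same way. Separately, the `from` clause shown binds `call` to `PrefixPredicateCall` only, so the `SuffixPredicateCall` branch of `getMessage` looks unreachable from this `select` unless that class is wider than its name suggests. A one-line comment on `escape` stating that it produces QL source text for a `matches` pattern (hence the doubled backslashes) would also help the next reader.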
|
||||
|
||||