QL code and tests for C#/C++/JavaScript.

2026-04-25 00:35:20 +02:00 · 2018-08-02 17:53:23 +01:00
commit b55526aa58
10684 changed files with 581163 additions and 0 deletions
--- a/javascript/ql/src/Declarations/ClobberingVarInit.qhelp
+++ b/javascript/ql/src/Declarations/ClobberingVarInit.qhelp
@@ -0,0 +1,47 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+<overview>
+<p>
+If a variable is declared and initialized twice inside the same variable declaration statement,
+the second initialization immediately overwrites the first one. This is confusing at best, and
+probably indicates an underlying bug.
+</p>
+
+</overview>
+<recommendation>
+
+<p>
+Rename the second variable declaration to avoid the conflict. For every use of the variable,
+examine it to find out whether it is meant to refer to the first or to the second declaration.
+If it is meant to refer to the second declaration, rename the use as well.
+</p>
+
+</recommendation>
+<example>
+
+<p>
+In the following example, the variable declaration statement declares and initializes the variable
+<code>key</code> twice, once to <code>iter[0]</code> and once to <code>iter[1]</code>. The second
+initialization overwrites the first, so <code>key</code> ends up being set to <code>iter[1]</code>.
+</p>
+
+<sample src="examples/ClobberingVarInit.js" />
+
+<p>
+From context, it is clear that the second declaration is a typo: it should instead declare and
+initialize the variable <code>value</code>, which is referred to in the next line:
+</p>
+
+<sample src="examples/ClobberingVarInitGood.js" />
+
+</example>
+<references>
+
+
+<li>Ecma International, <i>ECMAScript Language Definition</i>, 5.1 Edition, Section 12.2. ECMA, 2011.</li>
+
+
+</references>
+</qhelp>