hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

QL code and tests for C#/C++/JavaScript.

Browse Source
This commit is contained in:
Pavel Avgustinov
2018-08-02 17:53:23 +01:00
commit b55526aa58
10684 changed files with 581163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/query-tests/Declarations/ArgumentsRedefined/ArgumentsRedefined.expected Normal file
View File

@@ -0,0 +1,2 @@
| tst.js:3:5:3:13 | arguments | Redefinition of arguments. |
| tst.js:7:7:7:15 | arguments | Redefinition of arguments. |

1
javascript/ql/test/query-tests/Declarations/ArgumentsRedefined/ArgumentsRedefined.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/ArgumentsRedefined.ql

3
javascript/ql/test/query-tests/Declarations/ArgumentsRedefined/externs.js Normal file
View File

@@ -0,0 +1,3 @@
var arguments;
//semmle-extractor-options: --externs

8
javascript/ql/test/query-tests/Declarations/ArgumentsRedefined/tst.js Normal file
View File

@@ -0,0 +1,8 @@
function f() {
if (arguments[0].isArray())
arguments = arguments[0]; // NOT OK
}
function g(x, y) {
var arguments = [y, x]; // NOT OK
}

3
javascript/ql/test/query-tests/Declarations/ArgumentsRedefined/types.d.ts vendored Normal file
View File

@@ -0,0 +1,3 @@
declare function ambientArguments(arguments: string[]): string; // OK
declare function ambientArgumentsVarArgs(...arguments: string[]): string; // OK

6
javascript/ql/test/query-tests/Declarations/AssignmentToConst/AssignmentToConst.expected Normal file
View File

@@ -0,0 +1,6 @@
| classes.js:4:1:4:10 | class C {} | Assignment to variable C, which is $@ constant. | classes.js:1:1:1:13 | const C = 45; | declared |
| functions.js:4:10:4:10 | C | Assignment to variable C, which is $@ constant. | functions.js:1:1:1:13 | const C = 45; | declared |
| tst.js:4:1:4:6 | x = 42 | Assignment to variable x, which is $@ constant. | tst.js:1:1:1:21 | const x ... y = 42; | declared |
| tst.js:7:1:7:6 | y = 23 | Assignment to variable y, which is $@ constant. | tst.js:1:1:1:21 | const x ... y = 42; | declared |
| tst.js:10:5:10:10 | y = -1 | Assignment to variable y, which is $@ constant. | tst.js:1:1:1:21 | const x ... y = 42; | declared |
| tst.js:13:1:13:3 | ++x | Assignment to variable x, which is $@ constant. | tst.js:1:1:1:21 | const x ... y = 42; | declared |

1
javascript/ql/test/query-tests/Declarations/AssignmentToConst/AssignmentToConst.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/AssignmentToConst.ql

4
javascript/ql/test/query-tests/Declarations/AssignmentToConst/classes.js Normal file
View File

@@ -0,0 +1,4 @@
const C = 45;
// NOT OK
class C {}

10
javascript/ql/test/query-tests/Declarations/AssignmentToConst/const6.js Normal file
View File

@@ -0,0 +1,10 @@
// OK: `const` is block scoped in ECMAScript 2015
function f() {
{
const val = 1;
}
{
const val = 2;
}
}

4
javascript/ql/test/query-tests/Declarations/AssignmentToConst/functions.js Normal file
View File

@@ -0,0 +1,4 @@
const C = 45;
// NOT OK
function C() {}

2
javascript/ql/test/query-tests/Declarations/AssignmentToConst/other.js Normal file
View File

@@ -0,0 +1,2 @@
// OK
const s = "there";

21
javascript/ql/test/query-tests/Declarations/AssignmentToConst/tst.js Normal file
View File

@@ -0,0 +1,21 @@
const x = 23, y = 42;
// NOT OK
x = 42;
// NOT OK
y = 23;
// NOT OK
var y = -1;
// NOT OK
++x;
var z = 56;
// OK
z = 72;
// OK
const s = "hi";

7
javascript/ql/test/query-tests/Declarations/BuiltinRedefined/BuiltinRedefined.expected Normal file
View File

@@ -0,0 +1,7 @@
| builtinRedefined.js:1:1:1:4 | eval | Redefinition of eval. |
| builtinRedefined.js:2:3:2:6 | eval | Redefinition of eval. |
| builtinRedefined.js:3:5:3:8 | eval | Redefinition of eval. |
| builtinRedefined.js:4:12:4:15 | eval | Redefinition of eval. |
| builtinRedefined.js:5:18:5:21 | eval | Redefinition of eval. |
| builtinRedefined.js:8:1:8:6 | Object | Redefinition of Object. |
| builtinRedefined.js:10:12:10:20 | undefined | Redefinition of undefined. |

1
javascript/ql/test/query-tests/Declarations/BuiltinRedefined/BuiltinRedefined.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/BuiltinRedefined.ql

14
javascript/ql/test/query-tests/Declarations/BuiltinRedefined/builtinRedefined.js Normal file
View File

@@ -0,0 +1,14 @@
eval = 42;
++eval;
var eval;
function x(eval) { }
var y = function eval() { };
eval("");
Object = function(){};
function f(undefined) {}
(function f(undefined){}());
Date = this.Date;
var Math = this.Math;

3
javascript/ql/test/query-tests/Declarations/BuiltinRedefined/externs.js Normal file
View File

@@ -0,0 +1,3 @@
Object = function(){};
//semmle-extractor-options: --externs

1
javascript/ql/test/query-tests/Declarations/ClobberingVarInit/ClobberingVarInit.expected Normal file
View File

@@ -0,0 +1 @@
| tst.js:3:24:3:36 | key = iter[1] | This initialization of key overwrites $@. | tst.js:3:9:3:21 | key = iter[0] | an earlier initialization |

1
javascript/ql/test/query-tests/Declarations/ClobberingVarInit/ClobberingVarInit.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/ClobberingVarInit.ql

12
javascript/ql/test/query-tests/Declarations/ClobberingVarInit/tst.js Normal file
View File

@@ -0,0 +1,12 @@
for (var iter in Iterator(aExtraHeaders)) {
// NOT OK
var key = iter[0], key = iter[1];
xhr.setRequestHeader(key, value);
}
// OK
var tmp = f(),
tmp = tmp + 19;
// OK
var a, b, a = 42;

1
javascript/ql/test/query-tests/Declarations/ConflictingFunctions/ConflictingFunctions.expected Normal file
View File

@@ -0,0 +1 @@
| tst.js:3:12:3:12 | g | Declaration of function g conflicts with $@ in the same scope. | tst.js:7:12:7:12 | g | another declaration |

1
javascript/ql/test/query-tests/Declarations/ConflictingFunctions/ConflictingFunctions.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/ConflictingFunctions.ql

42
javascript/ql/test/query-tests/Declarations/ConflictingFunctions/tst.js Normal file
View File

@@ -0,0 +1,42 @@
function f(x) {
if (x > 23) {
function g() {
return 42;
}
} else {
function g() {
return 56;
}
}
return g();
}
function f2(x) {
'use strict';
if (x > 23) {
function g() {
return 42;
}
} else {
function g() {
return 56;
}
}
return g();
}
function f3(x) {
'use strict';
function f4() {
if (x > 23) {
function g() {
return 42;
}
} else {
function g() {
return 56;
}
}
return g();
}
}

3
javascript/ql/test/query-tests/Declarations/ConflictingFunctions/tst.ts Normal file
View File

@@ -0,0 +1,3 @@
export function f(x: number) : void;
export function f(x: string) : void;
export function f(x: any) {};

2
javascript/ql/test/query-tests/Declarations/DeadStoreOfGlobal/DeadStoreOfGlobal.expected Normal file
View File

@@ -0,0 +1,2 @@
| tst.js:2:1:2:1 | g | This definition of g is useless, since its value is never read. |
| worker.js:3:1:3:9 | onmissage | This definition of onmissage is useless, since its value is never read. |

1
javascript/ql/test/query-tests/Declarations/DeadStoreOfGlobal/DeadStoreOfGlobal.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/DeadStoreOfGlobal.ql

41
javascript/ql/test/query-tests/Declarations/DeadStoreOfGlobal/externs.js Normal file
View File

@@ -0,0 +1,41 @@
// Adapted from the Google Closure externs; original copyright header included below.
/*
* Copyright 2008 The Closure Compiler Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
function Window() {}
Window.prototype.onload;
var global;
var window;
window.prop;
/**
* @see http://dev.w3.org/html5/workers/
* @constructor
* @implements {EventTarget}
*/
function Worker(opt_arg0) {}
/**
* Sent when the worker thread posts a message to its creator.
* @type {?function(!MessageEvent)}
*/
Worker.prototype.onmessage = function() {};
//semmle-extractor-options: --externs

2
javascript/ql/test/query-tests/Declarations/DeadStoreOfGlobal/node.js Normal file
View File

@@ -0,0 +1,2 @@
let fs;
fs = require('fs');

31
javascript/ql/test/query-tests/Declarations/DeadStoreOfGlobal/tst.js Normal file
View File

@@ -0,0 +1,31 @@
// NOT OK
g = 23;
// OK
h = 23;
alert(h);
// OK
uid = 0;
function incr() {
return uid++;
}
// OK
function foo() {
var x;
x = 0;
}
// OK
onload = function() {}
// OK
global = 42;
// OK
prop = 42;
// OK
/*global otherGlobal*/
otherGlobal = 56;

14
javascript/ql/test/query-tests/Declarations/DeadStoreOfGlobal/with.js Normal file
View File

@@ -0,0 +1,14 @@
function f(o) {
with (o) {
x = 42;
return function () {
x = 56;
};
}
}
var q = { x: 23 };
var h = f(q);
alert(q.x); // 42
h();
alert(q.x); // 56

3
javascript/ql/test/query-tests/Declarations/DeadStoreOfGlobal/worker.js Normal file
View File

@@ -0,0 +1,3 @@
onmessage = function() { console.log("Got a message!"); };
onmissage = function() { console.log("How did that happen?"); };

9
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/DeadStoreOfLocal.expected Normal file
View File

@@ -0,0 +1,9 @@
| overload.ts:10:12:10:14 | baz | This definition of baz is useless, since its value is never read. |
| tst2.js:26:9:26:14 | x = 23 | This definition of x is useless, since its value is never read. |
| tst2.js:28:9:28:14 | x = 42 | This definition of x is useless, since its value is never read. |
| tst.js:6:2:6:7 | y = 23 | This definition of y is useless, since its value is never read. |
| tst.js:13:6:13:11 | a = 23 | This definition of a is useless, since its value is never read. |
| tst.js:13:14:13:19 | a = 42 | This definition of a is useless, since its value is never read. |
| tst.js:45:6:45:11 | x = 23 | This definition of x is useless, since its value is never read. |
| tst.js:51:6:51:11 | x = 23 | This definition of x is useless, since its value is never read. |
| tst.js:132:7:132:13 | {x} = o | This definition of x is useless, since its value is never read. |

1
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/DeadStoreOfLocal.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/DeadStoreOfLocal.ql

6
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/extends.js Normal file
View File

@@ -0,0 +1,6 @@
const React = require('react'); // OK: used in `extends` clause below
class Foo extends React.Component {
}
module.exports = Foo;

17
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/externs.js Normal file
View File

@@ -0,0 +1,17 @@
/**
* @externs
*/
/**
* @param {string} a
* @param {string} b
*/
var foo = function(a, b) {};
/**
* @param {number} a
* @param {number} b
*/
foo = function(a, b) {};
exports.foo = foo;

7
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/fields.js Normal file
View File

@@ -0,0 +1,7 @@
var x = 42;
class C {
myX = x
}
// semmle-extractor-options: --experimental --source-type module

6
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/fundecls.js Normal file
View File

@@ -0,0 +1,6 @@
(function f(b) {
if (b) {
console.log(g.length); // fine both in v8 and in SpiderMonkey
function g() {}
}
}(true));

13
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/fundecls2.js Normal file
View File

@@ -0,0 +1,13 @@
'use strict';
function run(f) {
f();
}
if (true) {
run(main);
function main() {
console.log("Yay!");
}
}

2
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/m.js Normal file
View File

@@ -0,0 +1,2 @@
export let foo;
foo = 42;

13
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/namespace.ts Normal file
View File

@@ -0,0 +1,13 @@
function registerSomething(x) {
x.foo();
}
namespace a.b.q {
var c = {
foo
};
registerSomething(c);
function foo() {} // OK
}

16
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/overload.ts Normal file
View File

@@ -0,0 +1,16 @@
export function foo() {
function bar(x: number): number; // OK
function bar(x: string): string; // OK
function bar(x: any) { // OK
return x;
}
function baz(x: number): number; // OK
function baz(x: string): string; // OK
function baz(x: any) { // NOT OK, overwritten before use
return x;
}
baz = (x) => x;
return {bar: bar, baz: baz};
}

144
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/tst.js Normal file
View File

@@ -0,0 +1,144 @@
function f() {
// OK: initialization to default value
var x = null, y = undefined, z;
x = {};
// NOT OK
y = 23;
y = 42;
for (var p in x)
y+p;
// OK: assignment to global
global = 42;
// NOT OK
var a = 23; a = 42;
// OK: captured variable
var b = 42;
return function() {
return b%2
};
}
function g() {
var x;
// OK
x = 23, x += 19;
// OK
var y = 42;
}
function h() {
// OK
var x = false;
try {
this.mayThrow();
x = true;
} catch(e) {}
console.log(x);
}
function k(data) {
// OK
for(var i=0;i<data.length;i++);
}
function l() {
var x = 23;
x = 42;
return x;
}
function m() {
var x = 23, y;
x = 42, y = x+14;
return x+y;
}
function n() {
var i = 0;
for(i = 0; i < 10; ++i);
}
function p() {
var i;
for (i=0; i < 10; ++i) {
if (Math.random() > .5)
// OK
i = 23;
}
}
function q() {
var self = this, node, next;
for (node = self.firstChild; node; ) {
next = node.next;
self.insert(node, self, true);
node = next;
}
self.remove();
}
function r() {
var i;
for (i = 0;;)
console.log(i);
}
function s() {
var container = document.createElement("div"),
div = document.createElement("div");
doStuffWith(container, div);
// OK
container = div = null;
}
// OK: the function expression could be made anonymous, but it's not
// worth flagging this as a violation
defineGetter(req, 'subdomains', function subdomains() {
var hostname = this.hostname;
if (!hostname) return [];
var offset = this.app.get('subdomain offset');
var subdomains = !isIP(hostname)
? hostname.split('.').reverse()
: [hostname];
return subdomains.slice(offset);
});
// OK: assigning default values
function t() {
var x;
x = false;
x = ""; x = '';
x = 0; x = 0.0; x = -1;
x = 42; return x;
}
// OK: unnecessary initialisation as type hint
function u() {
var x;
x = [];
x = {};
x = 42; return x;
}
// OK: assigning `undefined`
function v() {
var x;
x = void 0;
x = 42;
return x;
}
!function(o) {
var {x} = o;
x = 42;
return x;
}
// OK: assignments in dead code not flagged
!function() {
return;
var x;
x = 23;
x = 42;
return x;
}

30
javascript/ql/test/query-tests/Declarations/DeadStoreOfLocal/tst2.js Normal file
View File

@@ -0,0 +1,30 @@
function outer(b) {
// OK
let addSubdomain = false;
if (x) {
addSubdomain = true;
} else {
addSubdomain = false;
}
return {
inner: function () {
return addSubdomain ? 23 : 42;
}
};
}
function f(event) {
// OK
var message = event.data;
eme.init().then(() => NativeInfo.processApp('install', message.id));
}
function g() {
// NOT OK
let x = 23;
{
x = 42;
}
}

2
javascript/ql/test/query-tests/Declarations/DeclBeforeUse/DeclBeforeUse.expected Normal file
View File

@@ -0,0 +1,2 @@
| jslint.js:7:1:7:1 | z | Variable 'z' is used before its $@. | jslint.js:8:11:8:11 | z | declaration |
| tst2.js:5:13:5:13 | x | Variable 'x' is used before its $@. | tst2.js:6:5:6:5 | x | declaration |

1
javascript/ql/test/query-tests/Declarations/DeclBeforeUse/DeclBeforeUse.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/DeclBeforeUse.ql

4
javascript/ql/test/query-tests/Declarations/DeclBeforeUse/es2015.js Normal file
View File

@@ -0,0 +1,4 @@
import { foo as bar } from 'foo';
var foo;
class C extends D {}

8
javascript/ql/test/query-tests/Declarations/DeclBeforeUse/jslint.js Normal file
View File

@@ -0,0 +1,8 @@
/*global w, x:true*/
/* global y*/ // not a proper JSLint global declaration, but we (and JSHint) accept it anyway
/*global: z*/ // also not a proper global declaration
w; // OK
x; // OK
y; // not OK
z; // not OK
var x, y, z;

14
javascript/ql/test/query-tests/Declarations/DeclBeforeUse/tst.js Normal file
View File

@@ -0,0 +1,14 @@
function f(x) {
switch (x) {
case 23:
var y = x+19;
return y;
default:
var y = 42;
return g(y);
}
}
function g() {
return f(y-19);
}

11
javascript/ql/test/query-tests/Declarations/DeclBeforeUse/tst2.js Normal file
View File

@@ -0,0 +1,11 @@
function f(x) {
console.log(x); // OK
}
console.log(x); // NOT OK
var x = 1;
function g() {
console.log(y); // OK (not in same function)
}
var y = 1;

5
javascript/ql/test/query-tests/Declarations/DeclBeforeUse/typescript.ts Normal file
View File

@@ -0,0 +1,5 @@
@Component(Foo) // OK
class Foo {}
declare class Bar extends Baz {} // OK
declare class Baz {}

1
javascript/ql/test/query-tests/Declarations/DefaultArgumentReferencesNestedFunction/DefaultArgumentReferencesNestedFunction.expected Normal file
View File

@@ -0,0 +1 @@
| tst.js:1:19:1:28 | defaultVal | This expression refers to $@ before it is defined. | tst.js:2:5:4:5 | functio ... ;\\n } | defaultVal |

1
javascript/ql/test/query-tests/Declarations/DefaultArgumentReferencesNestedFunction/DefaultArgumentReferencesNestedFunction.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/DefaultArgumentReferencesNestedFunction.ql

6
javascript/ql/test/query-tests/Declarations/DefaultArgumentReferencesNestedFunction/tst.js Normal file
View File

@@ -0,0 +1,6 @@
function f(x, y = defaultVal(x)) {
function defaultVal(x) {
return x+19;
}
return x*y;
}

1
javascript/ql/test/query-tests/Declarations/DuplicateVarDecl/DuplicateVarDecl.expected Normal file
View File

@@ -0,0 +1 @@
| tst.js:2:11:2:16 | a = 42 | Variable a has already been declared $@. | tst.js:2:5:2:5 | a | here |

1
javascript/ql/test/query-tests/Declarations/DuplicateVarDecl/DuplicateVarDecl.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/DuplicateVarDecl.ql

7
javascript/ql/test/query-tests/Declarations/DuplicateVarDecl/tst.js Normal file
View File

@@ -0,0 +1,7 @@
// NOT OK
var a, b, a = 42;
// OK
var x;
var y;
var x;

9
javascript/ql/test/query-tests/Declarations/IneffectiveParameterType/IneffectiveParameterType.expected Normal file
View File

@@ -0,0 +1,9 @@
| tst.ts:3:41:3:41 | T | The parameter 'T' has type 'any', but its name coincides with the $@. | tst.ts:3:15:3:15 | T | type parameter T |
| tst.ts:7:15:7:15 | T | The parameter 'T' has type 'any', but its name coincides with the $@. | tst.ts:7:12:7:12 | T | type parameter T |
| tst.ts:10:26:10:26 | T | The parameter 'T' has type 'any', but its name coincides with the $@. | tst.ts:9:24:9:24 | T | type parameter T |
| tst.ts:11:54:11:54 | S | The parameter 'S' has type 'any', but its name coincides with the $@. | tst.ts:11:15:11:15 | S | type parameter S |
| tst.ts:15:10:15:15 | number | The parameter 'number' has type 'any', but its name coincides with the $@. | tst.ts:15:10:15:15 | number | predefined type 'number' |
| tst.ts:16:4:16:9 | number | The parameter 'number' has type 'any', but its name coincides with the $@. | tst.ts:16:4:16:9 | number | predefined type 'number' |
| tst.ts:19:23:19:37 | NumberFormatter | The parameter 'NumberFormatter' has type 'any', but its name coincides with the $@. | tst.ts:14:11:14:25 | NumberFormatter | interface NumberFormatter |
| tst.ts:22:18:22:23 | MyType | The parameter 'MyType' has type 'any', but its name coincides with the $@. | tst.ts:1:10:1:15 | MyType | imported type MyType |
| tst.ts:30:18:30:25 | Repeated | The parameter 'Repeated' has type 'any', but its name coincides with the $@. | tst.ts:26:11:26:18 | Repeated | interface Repeated |

1
javascript/ql/test/query-tests/Declarations/IneffectiveParameterType/IneffectiveParameterType.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/IneffectiveParameterType.ql

1
javascript/ql/test/query-tests/Declarations/IneffectiveParameterType/tst.js Normal file
View File

@@ -0,0 +1 @@
function getStuff(number) {} // OK: don't report anything related type annotations in .js files

36
javascript/ql/test/query-tests/Declarations/IneffectiveParameterType/tst.ts Normal file
View File

@@ -0,0 +1,36 @@
import { MyType, x } from 'somewhere';
function join<T>(items: T[], callback: (T) => string) { // NOT OK: (T) should be (x:T)
return items.map(callback).join(", ")
}
var box : <T>(T) => T[] = (x) => [x]; // NOT OK: (T) should be (x:T)
interface EventEmitter<T> {
addListener(listener: (T) => void): void; // NOT OK: (T) should be (x:T)
forwardFrom<S>(other: EventEmitter<S>, converter: (S) => T); // NOT OK: (S) should be (x:S)
}
interface NumberFormatter {
format(number): string; // NOT OK: (number) should be (x:number)
(number): string; // NOT OK: (number) should be (x:number)
}
type TextFormatter = (NumberFormatter) => string; // NOT OK: (NumberFormatter) should be (x:NumberFormatter)
var myGlobal : MyType;
var myCallback: (MyType) => void; // NOT OK: (MyType) should be (x:MyType)
var myOtherCallback : (x) => void; // OK: nothing indicates that 'x' is a type name.
interface Repeated { x: number; }
interface Repeated { y: number; }
interface Repeated { z: number; }
type Callback = (Repeated) => void; // NOT OK: but should only be reported once
class C {
getName(string) { // OK: parameter name is not part of signature
return null;
}
}

1
javascript/ql/test/query-tests/Declarations/InefficientMethodDefinition/InefficientMethodDefinition.expected Normal file
View File

@@ -0,0 +1 @@
| tst.js:6:5:6:28 | this.di ... \\n }; | dist should be added to the prototype object rather than to each instance. |

1
javascript/ql/test/query-tests/Declarations/InefficientMethodDefinition/InefficientMethodDefinition.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/InefficientMethodDefinition.ql

53
javascript/ql/test/query-tests/Declarations/InefficientMethodDefinition/tst.js Normal file
View File

@@ -0,0 +1,53 @@
function Point(x, y) {
this.x = x;
this.y = y;
// NOT OK
this.dist = function() {
return Math.sqrt(this.x*this.x + this.y*this.y);
};
// OK
this.getOriginalX = function() {
return x;
};
// OK
this.getOriginalXGetter = function() {
return function() {
return x;
};
};
// OK
this.getOtherOriginalXGetter = function() {
function getter() {
return x;
}
return getter;
};
if (x === 0)
// OK
this.dist = function() {
return y;
};
var o = {};
// OK
o.f = function() { return 23; };
}
// OK
var o = new(function() {
this.f = function() { return 42 };
});
// OK
(function() {
this.move = function(dx, dy) {
this.x += dx;
this.y += dy;
};
}).call(Point.prototype);

9
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/MissingThisQualifier.expected Normal file
View File

@@ -0,0 +1,9 @@
| abstract-missing.ts:3:5:3:24 | setAudioProperties() | This call refers to a global function, and not the local method $@. | abstract-missing.ts:6:3:6:32 | abstrac ... ties(); | setAudioProperties |
| missing1.js:3:5:3:24 | setAudioProperties() | This call refers to a global function, and not the local method $@. | missing1.js:6:3:7:3 | setAudi ... (){\\n } | setAudioProperties |
| missing2.js:3:5:3:24 | setAudioProperties() | This call refers to a global function, and not the local method $@. | missing2.js:7:3:8:3 | static ... (){\\n } | setAudioProperties |
| namespaces-uses.ts:3:5:3:20 | globalFunction() | This call refers to a global function, and not the local method $@. | namespaces-uses.ts:2:3:4:3 | globalF ... OK\\n } | globalFunction |
| namespaces-uses.ts:6:5:6:26 | topName ... ction() | This call refers to a global function, and not the local method $@. | namespaces-uses.ts:5:3:7:3 | topName ... OK\\n } | topNamespaceFunction |
| namespaces-uses.ts:9:5:9:28 | childNa ... ction() | This call refers to a global function, and not the local method $@. | namespaces-uses.ts:8:3:10:3 | childNa ... OK\\n } | childNamespaceFunction |
| namespaces-uses.ts:16:7:16:22 | globalFunction() | This call refers to a global function, and not the local method $@. | namespaces-uses.ts:15:5:17:5 | globalF ... K\\n } | globalFunction |
| namespaces-uses.ts:30:7:30:22 | globalFunction() | This call refers to a global function, and not the local method $@. | namespaces-uses.ts:29:5:31:5 | globalF ... K\\n } | globalFunction |
| not-ignored-by-jslint.js:4:5:4:24 | setAudioProperties() | This call refers to a global function, and not the local method $@. | not-ignored-by-jslint.js:7:3:8:3 | setAudi ... (){\\n } | setAudioProperties |

1
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/MissingThisQualifier.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/MissingThisQualifier.ql

7
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/abstract-missing.ts Normal file
View File

@@ -0,0 +1,7 @@
abstract class Audio3D {
setAudioStream() {
setAudioProperties(); // NOT OK
}
abstract setAudioProperties();
}

2
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/externs.js Normal file
View File

@@ -0,0 +1,2 @@
/** @externs */
function externs_setAudioProperties() {}

8
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/ignored-by-externs.js Normal file
View File

@@ -0,0 +1,8 @@
class Audio3D {
setAudioStream() {
externs_setAudioProperties(); // OK
}
externs_setAudioProperties(){
}
}

9
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/ignored-by-jslint.js Normal file
View File

@@ -0,0 +1,9 @@
/*global setAudioProperties*/
class Audio3D {
setAudioStream() {
setAudioProperties(); // OK
}
setAudioProperties(){
}
}

8
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/missing1.js Normal file
View File

@@ -0,0 +1,8 @@
class Audio3D {
setAudioStream() {
setAudioProperties(); // NOT OK
}
setAudioProperties(){
}
}

9
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/missing2.js Normal file
View File

@@ -0,0 +1,9 @@
class Audio3D {
static setAudioStream() {
setAudioProperties(); // NOT OK
}
static setAudioProperties(){
}
}

7
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/namespaces-defs.ts Normal file
View File

@@ -0,0 +1,7 @@
function globalFunction(){}
namespace Top {
export function topNamespaceFunction(){}
}
namespace Top.Child {
export function childNamespaceFunction(){}
}

39
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/namespaces-uses.ts Normal file
View File

@@ -0,0 +1,39 @@
class GlobalClass {
globalFunction(){
globalFunction(); // NOT OK
}
topNamespaceFunction(){
topNamespaceFunction(); // NOT OK
}
childNamespaceFunction(){
childNamespaceFunction(); // NOT OK
}
}
namespace Top {
class TopClass {
globalFunction(){
globalFunction(); // NOT OK
}
topNamespaceFunction(){
topNamespaceFunction(); // OK
}
childNamespaceFunction(){
childNamespaceFunction(); // NOT OK, but not flagged since the namespace resolution is ignored
}
}
}
namespace Top.Child {
class ChildClass {
globalFunction(){
globalFunction(); // NOT OK
}
topNamespaceFunction(){
topNamespaceFunction(); // OK
}
childNamespaceFunction(){
childNamespaceFunction(); // OK
}
}
}

11
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/non-global.js Normal file
View File

@@ -0,0 +1,11 @@
function setAudioProperties(){}
class Audio3D {
setAudioStream() {
setAudioProperties(); // OK
}
setAudioProperties(){
}
}

9
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/not-ignored-by-jslint.js Normal file
View File

@@ -0,0 +1,9 @@
/*global NOT_setAudioProperties*/
class Audio3D {
setAudioStream() {
setAudioProperties(); // NOT OK
}
setAudioProperties(){
}
}

9
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/present1.js Normal file
View File

@@ -0,0 +1,9 @@
class Audio3D {
setAudioStream() {
this.setAudioProperties(); // OK
}
setAudioProperties(){
}
}

9
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/present2.js Normal file
View File

@@ -0,0 +1,9 @@
class Audio3D {
static setAudioStream() {
this.setAudioProperties(); // OK
}
static setAudioProperties(){
}
}

10
javascript/ql/test/query-tests/Declarations/MissingThisQualifier/present3.js Normal file
View File

@@ -0,0 +1,10 @@
with ($()) {
var myClass = class Audio3D {
setAudioStream() {
setAudioProperties();
}
setAudioProperties(){
}
};
}

6
javascript/ql/test/query-tests/Declarations/MissingVarDecl/MissingVarDecl.expected Normal file
View File

@@ -0,0 +1,6 @@
| test.js:6:7:6:7 | i | Variable i is used like a local variable, but is missing a declaration. |
| test.js:14:7:14:7 | i | Variable i is used like a local variable, but is missing a declaration. |
| test.js:23:2:23:2 | y | Variable y is used like a local variable, but is missing a declaration. |
| test.js:54:10:54:10 | z | Variable z is used like a local variable, but is missing a declaration. |
| test.js:60:6:60:6 | y | Variable y is used like a local variable, but is missing a declaration. |
| test.js:66:2:66:2 | z | Variable z is used like a local variable, but is missing a declaration. |

1
javascript/ql/test/query-tests/Declarations/MissingVarDecl/MissingVarDecl.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/MissingVarDecl.ql

69
javascript/ql/test/query-tests/Declarations/MissingVarDecl/test.js Normal file
View File

@@ -0,0 +1,69 @@
var x;
function f(a) {
var sum = 0;
// NOT OK
for (i=0; i<a.length; ++i)
sum += g(a[i]);
return sum;
}
function g(b) {
var prod = 1;
// NOT OK
for (i=0; i<b.length; ++i)
prod *= b[i];
return prod;
}
function h() {
// OK: x is declared as a global in the same toplevel
x = 23;
// NOT OK: y is not declared as a global in the same toplevel (though it is declared in test2.js)
y = 19;
// OK: console is live
console.log(x+y);
}
function k(x) {
try {
return x.y;
} catch(e) {
// OK: Error is not reachable (in our current CFG)
throw new Error();
}
}
function l() {
// OK: z is not used
z = 56;
}
function m() {
// OK: z is live
z += 23;
}
function n() {
// OK: z is live
z = z + 23;
}
function p() {
// NOT OK
return (z = a[i]) && z+23;
}
function q() {
// NOT OK
var x;
y = 23,
z = y+19;
}
function r() {
// NOT OK
z = {};
for (var p in z)
;
}

1
javascript/ql/test/query-tests/Declarations/MissingVarDecl/test2.js Normal file
View File

@@ -0,0 +1 @@
var y;

4
javascript/ql/test/query-tests/Declarations/MissingVarDecl/tst3.js Normal file
View File

@@ -0,0 +1,4 @@
function sc_alert(i) {
for(;i;) ;
foo;
}

2
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/MixedStaticInstanceThisAccess.expected Normal file
View File

@@ -0,0 +1,2 @@
| instanceStatic.js:3:9:3:16 | this.baz | Access to instance method $@ from static method $@ is not possible through `this`. | instanceStatic.js:5:5:7:5 | baz(){\\n\\n } | baz | instanceStatic.js:2:5:4:5 | static ... K\\n } | bar |
| staticInstance.js:3:9:3:16 | this.baz | Access to static method $@ from instance method $@ is not possible through `this`. | staticInstance.js:5:5:6:5 | static baz(){\\n } | baz | staticInstance.js:2:5:4:5 | bar(){\\n ... K\\n } | bar |

1
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/MixedStaticInstanceThisAccess.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/MixedStaticInstanceThisAccess.ql

8
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/instanceInstance.js Normal file
View File

@@ -0,0 +1,8 @@
class Foo {
bar(){
this.baz; // OK
}
baz(){
}
}

7
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/instanceInstanceWithStaticExtra.js Normal file
View File

@@ -0,0 +1,7 @@
class Foo {
bar() {
this.baz; // OK
}
baz() {}
static baz() {}
}

8
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/instanceStatic.js Normal file
View File

@@ -0,0 +1,8 @@
class Foo {
static bar(){
this.baz; // NOT OK
}
baz(){
}
}

6
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/lvalue.js Normal file
View File

@@ -0,0 +1,6 @@
class A {
static foo() {}
constructor() {
this.foo = foo;
}
}

7
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/staticInstance.js Normal file
View File

@@ -0,0 +1,7 @@
class Foo {
bar(){
this.baz; // NOT OK
}
static baz(){
}
}

8
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/staticStatic.js Normal file
View File

@@ -0,0 +1,8 @@
class Foo {
static bar(){
this.baz; // OK
}
static baz(){
}
}

7
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/staticStaticWithInstanceExtra.js Normal file
View File

@@ -0,0 +1,7 @@
class Foo {
static bar() {
this.baz; // OK
}
static baz() {}
baz() {}
}

8
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/throughClass.js Normal file
View File

@@ -0,0 +1,8 @@
class Foo {
bar(){
Foo.baz; // OK
}
static baz(){
}
}

43
javascript/ql/test/query-tests/Declarations/MixedStaticInstanceThisAccess/tst.js Normal file
View File

@@ -0,0 +1,43 @@
class C1 {
test() {
this.f = x;
this.f; // OK
}
static f() {
}
}
class C2 {
static test() {
this.f = x;
this.f; // OK
}
f() {
}
}
class C3 {
test() {
this.f; // OK
}
static f() {
}
}
new C3().f = x;
class C4 {
static test() {
this.f; // OK
}
f() {
}
}
C4.f = x;

8
javascript/ql/test/query-tests/Declarations/RedeclaredVariable/RedeclaredVariable.expected Normal file
View File

@@ -0,0 +1,8 @@
| sameNameForFunctionAndVariable.js:2:10:2:13 | fun1 | This variable has already been declared $@. | sameNameForFunctionAndVariable.js:1:5:1:8 | fun1 | here |
| sameNameForFunctionAndVariable.js:7:5:7:8 | fun2 | This variable has already been declared $@. | sameNameForFunctionAndVariable.js:5:10:5:13 | fun2 | here |
| tst3.js:9:10:9:10 | f | This variable has already been declared $@. | tst3.js:3:10:3:10 | f | here |
| tst4.js:3:7:3:7 | x | This variable has already been declared $@. | tst4.js:2:7:2:7 | x | here |
| tst4.js:7:7:7:7 | x | This variable has already been declared $@. | tst4.js:6:12:6:12 | x | here |
| tst4.js:12:12:12:12 | i | This variable has already been declared $@. | tst4.js:11:7:11:7 | i | here |
| tst4.js:19:7:19:7 | y | This variable has already been declared $@. | tst4.js:17:7:17:7 | y | here |
| tst4.js:22:5:22:5 | g | This variable has already been declared $@. | tst4.js:6:10:6:10 | g | here |

1
javascript/ql/test/query-tests/Declarations/RedeclaredVariable/RedeclaredVariable.qlref Normal file
View File

@@ -0,0 +1 @@
Declarations/RedeclaredVariable.ql

5
javascript/ql/test/query-tests/Declarations/RedeclaredVariable/externs.js Normal file
View File

@@ -0,0 +1,5 @@
// OK: people sometimes use multiple declarations in an externs file to represent multiple type signatures
var f = function() {};
var f = function(x) {};
//semmle-extractor-options: --externs

1
javascript/ql/test/query-tests/Declarations/RedeclaredVariable/redeclaredVariable2.js Normal file
View File

@@ -0,0 +1 @@
var x;

4
javascript/ql/test/query-tests/Declarations/RedeclaredVariable/restprops.js Normal file
View File

@@ -0,0 +1,4 @@
var f = ({...p}) => {};
var g = ({...p}) => {};
// semmle-extractor-options: --experimental

11
javascript/ql/test/query-tests/Declarations/RedeclaredVariable/sameNameForFunctionAndVariable.js Normal file
View File

@@ -0,0 +1,11 @@
var fun1;
function fun1() {
}
function fun2() {
}
var fun2;
var fun3;
var fun = function fun3() {
}

13
javascript/ql/test/query-tests/Declarations/RedeclaredVariable/tst.js Normal file
View File

@@ -0,0 +1,13 @@
function f() {
// OK
var f;
}
function g() {
switch (0) {
default:
var i;
}
}
var i;

Some files were not shown because too many files have changed in this diff Show More