Kotlin: ignore properties in java/internal-representation-exposure check

2025-12-24 04:36:35 +01:00 · 2022-10-07 09:13:10 +02:00
parent e9a304bad0
commit cd64faf635
2 changed files with 6 additions and 3 deletions
--- a/Hiding/ExposeRepresentation.ql
+++ b/Hiding/ExposeRepresentation.ql
@@ -120,8 +120,12 @@ predicate exposesByStore(Callable c, Field f, Expr why, string whyText) {

 from Callable c, Field f, Expr why, string whyText
 where
-  exposesByReturn(c, f, why, whyText) or
-  exposesByStore(c, f, why, whyText)
+  (
+    exposesByReturn(c, f, why, whyText) or
+    exposesByStore(c, f, why, whyText)
+  ) and
+  // Kotlin properties expose internal representation, but it's not accidental, so ignore them
+  not exists(Property p | p.getBackingField() = f)
 select c,
  c.getName() + " exposes the internal representation stored in field " + f.getName() +
    ". The value may be modified $@.", why.getLocation(), whyText
--- a/java/ql/test/kotlin/query-tests/ExposeRepresentation/ExposeRepresentation.expected
+++ b/java/ql/test/kotlin/query-tests/ExposeRepresentation/ExposeRepresentation.expected
@@ -1 +0,0 @@
-| ExposesRep.kt:2:5:2:49 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.kt:3:12:3:18 | User.kt:3:12:3:18 | after this call to getStrings |
				`@@ -1 +0,0 @@`
				`\| ExposesRep.kt:2:5:2:49 \| getStrings \| getStrings exposes the internal representation stored in field strings. The value may be modified $@. \| User.kt:3:12:3:18 \| User.kt:3:12:3:18 \| after this call to getStrings \|`