Java: Port C++ query cpp/continue-in-false-loop.

2025-12-16 16:53:25 +01:00 · 2019-10-22 17:02:37 +02:00
parent 1c79ec550e
commit da57dbc528
3 changed files with 52 additions and 0 deletions
--- a/change-notes/1.23/analysis-java.md
+++ b/change-notes/1.23/analysis-java.md
@@ -2,6 +2,12 @@

 The following changes in version 1.23 affect Java analysis in all applications.

+## New queries
+
+| **Query**                   | **Tags**  | **Purpose**                                                        |
+|-----------------------------|-----------|--------------------------------------------------------------------|
+| Continue statement that does not continue (`java/continue-in-false-loop`) | correctness | Finds `continue` statements in `do { ... } while (false)` loops. |
+
 ## Changes to existing queries

 | **Query**                    | **Expected impact**    | **Change**                        |
--- a/Bugs/Statements/ContinueInFalseLoop.qhelp
+++ b/Bugs/Statements/ContinueInFalseLoop.qhelp
@@ -0,0 +1,25 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+
+
+<overview>
+<p>A <code>continue</code> statement only re-runs the loop if the loop condition is true. Therefore using <code>continue</code> in a loop with a constant false condition will never cause the loop body to be re-run, which is misleading.
+</p>
+
+</overview>
+<recommendation>
+
+<p>Replace the <code>continue</code> statement with a <code>break</code> statement if the intent is to break from the loop.
+</p>
+
+</recommendation>
+
+<references>
+<li>
+Java Language Specification:
+<a href="http://docs.oracle.com/javase/specs/jls/se8/html/jls-14.html#jls-14.13">14.13 The do Statement</a>.
+</li>
+</references>
+</qhelp>
--- a/Bugs/Statements/ContinueInFalseLoop.ql
+++ b/Bugs/Statements/ContinueInFalseLoop.ql
@@ -0,0 +1,21 @@
+/**
+ * @name Continue statement that does not continue
+ * @description A 'continue' statement only re-runs the loop if the
+ *              loop-condition is true. Therefore using 'continue' in a loop
+ *              with a constant false condition is misleading and usually a
+ *              bug.
+ * @kind problem
+ * @id java/continue-in-false-loop
+ * @problem.severity warning
+ * @precision high
+ * @tags correctness
+ */
+
+import java
+
+from DoStmt do, ContinueStmt continue
+where
+  do.getCondition().(BooleanLiteral).getBooleanValue() = false and
+  continue.(JumpStmt).getTarget() = do
+select continue, "This 'continue' never re-runs the loop - the $@ is always false.",
+  do.getCondition(), "loop condition"