Will need subsequent PRs fixing up test failures (due to deprecated methods moving around), but other than that everything should be straight-forward.
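/**
 * @name First argument to super() is not enclosing class
 * @description Calling super with something other than the enclosing class may cause incorrect object initialization.
 * @kind problem
 * @tags reliability
 *       maintainability
 *       convention
 *       external/cwe/cwe-687
 * @problem.severity error
 * @sub-severity low
 * @precision high
 * @id py/super-not-enclosing-class
 */

import python

// Reports explicit-argument `super(X, ...)` calls where X can point to a class
// whose name differs from the class that lexically encloses the call.
// `super(X, self)` begins method resolution after X in the MRO, so naming the
// wrong class can skip an initializer or run one twice (the CWE-687 case this
// query is tagged with).
//
// Not reported:
//  - zero-argument `super()`: `getArg(0)` has no result for it;
//  - calls whose enclosing function is not directly inside a class body:
//    the `.(Class)` cast on the function's scope filters them out.
//
// The previous version also declared `GlobalVariable gv` with
// `gv.getId() = "super"`. That variable was not joined to the call or to any
// other variable, so it only required that some global named `super` exist
// somewhere in the database. It has been dropped.
from CallNode call_to_super, string name
where
  exists(ControlFlowNode first_arg |
    // Calls whose callee is the builtin `super` class.
    call_to_super = ClassValue::super_().getACall() and
    first_arg = call_to_super.getArg(0) and
    // call -> enclosing function -> enclosing class
    name = call_to_super.getScope().getScope().(Class).getName() and
    exists(ClassValue other |
      first_arg.pointsTo(other) and
      // The comparison is by class name, not class identity: a different class
      // that shares the enclosing class's name is not flagged.
      not other.getScope().getName() = name
    )
  )
select call_to_super.getNode(), "First argument to super() should be " + name + "."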