Will need subsequent PRs fixing up test failures (due to deprecated methods moving around), but other than that everything should be straight-forward.
/**
 * @name Asserting a tuple
 * @description Using an assert statement to test a tuple provides no validity checking.
 * @kind problem
 * @tags reliability
 *       maintainability
 *       external/cwe/cwe-670
 * @problem.severity error
 * @sub-severity low
 * @precision very-high
 * @id py/asserts-tuple
 */
import python
// Reports every `assert` statement whose test expression is a tuple.
// Python decides a tuple's truthiness by its length alone, so a test such as
// `assert (cond, "msg")` always passes and the intended check never runs,
// while `assert ()` always fails. The alert message states which case applies.
from Assert a, string b, string non
where
  exists(Tuple tested | tested = a.getTest() |
    // At least one element: the tuple is truthy and the assertion can never fire.
    exists(tested.getAnElt()) and b = "True" and non = "non-"
    or
    // No elements: the tuple is falsy and the assertion fires unconditionally.
    not exists(tested.getAnElt()) and b = "False" and non = ""
  )
select a, "Assertion of " + non + "empty tuple is always " + b + "."