/**
 * @name Comparison of identical values
 * @description If the same expression occurs on both sides of a comparison
 *              operator, the operator is redundant, and probably indicates a mistake.
 * @kind problem
 * @problem.severity warning
 * @id go/comparison-of-identical-expressions
 * @tags correctness
 *       external/cwe/cwe-570
 *       external/cwe/cwe-571
 * @precision very-high
 */
import go
// Reports comparisons whose two operands have the same global value number,
// i.e. the comparison's outcome is fixed regardless of input (CWE-570 /
// CWE-571: expression is always false / always true). In a guard such as an
// authorization or bounds check, a result like this usually means one operand
// was mistyped and the intended check is not being performed.
from Comparison comparison, Expr lhs
where
  lhs = comparison.getLeftOperand() and
  // Exclusion 1: floating-point operands. Comparing a float to itself is the
  // usual way to test for NaN, so it is not flagged.
  not lhs.getType().getUnderlyingType() instanceof FloatType and
  // Exclusion 2: a reference to a declared constant compared against a
  // literal. These are often feature flags, where the constant outcome is
  // intentional.
  not (
    exists(DeclaredConstant constDecl | comparison.getAnOperand() = constDecl.getAReference()) and
    comparison.getAnOperand() instanceof BasicLit
  ) and
  // Core condition: both sides carry the same global value number.
  lhs.getGlobalValueNumber() = comparison.getRightOperand().getGlobalValueNumber()
select comparison, "This expression compares $@ to itself.", lhs, "an expression"