mirror of
https://github.com/github/codeql.git
synced 2026-01-12 14:10:21 +01:00
51 lines
1.6 KiB
Plaintext
51 lines
1.6 KiB
Plaintext
/**
|
|
* @name Overwritten property
|
|
* @description If an object literal has two properties with the same name,
|
|
* the second property overwrites the first one,
|
|
* which makes the code hard to understand and error-prone.
|
|
* @kind problem
|
|
* @problem.severity error
|
|
* @id js/overwritten-property
|
|
* @tags reliability
|
|
* correctness
|
|
* external/cwe/cwe-563
|
|
* @precision very-high
|
|
*/
|
|
|
|
import Expressions.Clones
|
|
|
|
/**
|
|
* Holds if `p` is the `i`th property of object expression `o`, and its
|
|
* kind is `kind`.
|
|
*
|
|
* The kind is an integer value indicating whether `p` is a value property (0),
|
|
* a getter (1) or a setter (2).
|
|
*/
|
|
predicate hasProperty(ObjectExpr o, Property p, string name, int kind, int i) {
|
|
p = o.getProperty(i) and
|
|
name = p.getName() and
|
|
kind = p.getKind()
|
|
}
|
|
|
|
/**
|
|
* Holds if property `p` appears before property `q` in the same object literal and
|
|
* both have the same name and kind, but are not structurally identical.
|
|
*/
|
|
predicate overwrittenBy(Property p, Property q) {
|
|
exists(ObjectExpr o, string name, int i, int j, int kind |
|
|
hasProperty(o, p, name, kind, i) and
|
|
hasProperty(o, q, name, kind, j) and
|
|
i < j
|
|
) and
|
|
// exclude structurally identical properties: they are flagged by
|
|
// the DuplicateProperty query
|
|
not p.getInit().(DuplicatePropertyInitDetector).same(q.getInit())
|
|
}
|
|
|
|
from Property p, Property q
|
|
where
|
|
overwrittenBy(p, q) and
|
|
// ensure that `q` is the last property with the same name as `p`
|
|
not overwrittenBy(q, _)
|
|
select p, "This property is overwritten by $@ in the same object literal.", q, "another property"
|