mirror of
https://github.com/github/codeql.git
synced 2026-02-25 03:13:43 +01:00
78c33ab55a
For now, these have just been made into `private` imports. After doing
this, I went through all of the (now not compiling) files and added in
private imports to the modules that they actually depended on.
I also added an explicit import of `LegacyPointsTo` (even though it may
be unnecessary) in cases where the points-to dependency was somewhat
surprising (and one we want to get rid of). This was primarily inside
the various SSA layers.
For modules inside `semmle.python.{types, objects, pointsto}` I did not
bother, as these are fairly clearly related to points-to.
40 lines
1.1 KiB
Plaintext
40 lines
1.1 KiB
Plaintext
/**
|
|
* @name Potentially uninitialized local variable
|
|
* @description Using a local variable before it is initialized causes an UnboundLocalError.
|
|
* @kind problem
|
|
* @tags quality
|
|
* reliability
|
|
* correctness
|
|
* @problem.severity error
|
|
* @sub-severity low
|
|
* @precision medium
|
|
* @id py/uninitialized-local-variable
|
|
*/
|
|
|
|
import python
|
|
private import LegacyPointsTo
|
|
import Undefined
|
|
|
|
predicate uninitialized_local(NameNode use) {
|
|
exists(FastLocalVariable local | use.uses(local) or use.deletes(local) |
|
|
not local.escapes() and not local = any(Nonlocal nl).getAVariable()
|
|
) and
|
|
(
|
|
any(Uninitialized uninit).taints(use) and
|
|
PointsToInternal::reachableBlock(use.getBasicBlock(), _)
|
|
or
|
|
not exists(EssaVariable var | var.getASourceUse() = use)
|
|
)
|
|
}
|
|
|
|
predicate explicitly_guarded(NameNode u) {
|
|
exists(Try t |
|
|
t.getBody().contains(u.getNode()) and
|
|
t.getAHandler().getType().(ExprWithPointsTo).pointsTo(ClassValue::nameError())
|
|
)
|
|
}
|
|
|
|
from NameNode u
|
|
where uninitialized_local(u) and not explicitly_guarded(u)
|
|
select u.getNode(), "Local variable '" + u.getId() + "' may be used before it is initialized."
|