hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 14:52:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f279fa17afd8950b71ca9e81ce6b8a55ebf109bd
codeql/ql/src/RedundantCode/NegativeLengthCheck.qhelp
Owen Mansel-Chan 97bbdca8a3 Extend negativeLengthCheck query to unsigned integers 
Like return values from len and cap, unsigned integers are never negative
2020-08-11 10:48:03 +01:00

46 lines
1.3 KiB
XML
Raw Blame History

<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>
The built-in <code>len</code> function returns the length of an array, slice or similar, which is
never less than zero. Hence, checking whether the result of a call to <code>len</code> is negative
is either redundant or indicates a logic mistake.
</p>
<p>
The same applies to the built-in function <code>cap</code>, and to unsigned integer values.
</p>
</overview>
<recommendation>
<p>
Examine the length check to see whether it is redundant and can be removed, or a mistake that
should be fixed.
</p>
</recommendation>
<example>
<p>
The example below shows a function that returns the first element of an array, triggering a panic
if the array is empty:
</p>
<sample src="NegativeLengthCheck.go" />
<p>
However, the emptiness check is ineffective: since <code>len(xs)</code> is never less than zero,
the condition will never hold and no panic will be triggered. Instead, the index expression
<code>xs[0]</code> will cause a panic.
</p>
<p>
The check should be rewritten like this:
</p>
<sample src="NegativeLengthCheckGood.go" />
</example>
<references>
<li>Package builtin: <a href="https://golang.org/pkg/builtin/#cap">func cap</a>.</li>
<li>Package builtin: <a href="https://golang.org/pkg/builtin/#len">func len</a>.</li>
</references>
</qhelp>
Reference in New Issue View Git Blame Copy Permalink