hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f3e4f94e81ece832577bd0426c9753e98464005f
codeql/docs/codeql/codeql-language-guides/basic-query-for-python-code.rst
Felicity Chapman 0d7b27d4e4 A few fixes
2022-11-29 15:52:29 +00:00

129 lines
9.9 KiB
ReStructuredText
Raw Blame History

.. _basic-query-for-python-code:
Basic query for Python code
===========================
Learn to write and run a simple CodeQL query using Visual Studio Code with the CodeQL extension.
.. include:: ../reusables/vs-code-basic-instructions/setup-to-run-queries.rst
About the query
---------------
The query we're going to run performs a basic search of the code for ``if`` statements that are redundant, in the sense that they only include a ``pass`` statement. For example, code such as:
.. code-block:: python
if error: pass
.. include:: ../reusables/vs-code-basic-instructions/find-database.rst
Running a quick query
---------------------
.. include:: ../reusables/vs-code-basic-instructions/run-quick-query-1.rst
#. In the quick query tab, delete ``select ""`` and paste the following query beneath the import statement ``import python``.
.. code-block:: ql
from If ifstmt, Stmt pass
where pass = ifstmt.getStmt(0) and
pass instanceof Pass
select ifstmt, "This 'if' statement is redundant."
.. include:: ../reusables/vs-code-basic-instructions/run-quick-query-2.rst
.. image:: ../images/codeql-for-visual-studio-code/basic-python-query-results-1.png
:align: center
If any matching code is found, click a link in the ``ifstmt`` column to open the file and highlight the matching ``if`` statement.
.. image:: ../images/codeql-for-visual-studio-code/basic-python-query-results-2.png
:align: center
.. include:: ../reusables/vs-code-basic-instructions/note-store-quick-query.rst
About the query structure
~~~~~~~~~~~~~~~~~~~~~~~~~
After the initial ``import`` statement, this simple query comprises three parts that serve similar purposes to the FROM, WHERE, and SELECT parts of an SQL query.
+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
| Query part | Purpose | Details |
+===============================================================+===================================================================================================================+========================================================================================================================+
| ``import python`` | Imports the standard CodeQL libraries for Python. | Every query begins with one or more ``import`` statements. |
+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
| ``from If ifstmt, Stmt pass`` | Defines the variables for the query. | We use: |
| | Declarations are of the form: | |
| | ``<type> <variable name>`` | - an ``If`` variable for ``if`` statements |
| | | - a ``Stmt`` variable for the statement |
+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
| ``where pass = ifstmt.getStmt(0) and pass instanceof Pass`` | Defines a condition on the variables. | ``pass = ifstmt.getStmt(0)``: ``pass`` is the first statement in the ``if`` statement. |
| | | |
| | | ``pass instanceof Pass``: ``pass`` must be a pass statement. |
| | | |
| | | In other words, the first statement contained in the ``if`` statement is a ``pass`` statement. |
+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
| ``select ifstmt, "This 'if' statement is redundant."`` | Defines what to report for each match. | Reports the resulting ``if`` statement with a string that explains the problem. |
| | | |
| | ``select`` statements for queries that are used to find instances of poor coding practice are always in the form: | |
| | ``select <program element>, "<alert message>"`` | |
+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
Extend the query
----------------
Query writing is an inherently iterative process. You write a simple query and then, when you run it, you discover examples that you had not previously considered, or opportunities for improvement.
Remove false positive results
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Browsing the results of our basic query shows that it could be improved. Among the results you are likely to find examples of ``if`` statements with an ``else`` branch, where a ``pass`` statement does serve a purpose. For example:
.. code-block:: python
if cond():
pass
else:
do_something()
In this case, identifying the ``if`` statement with the ``pass`` statement as redundant is a false positive. One solution to this is to modify the query to ignore ``pass`` statements if the ``if`` statement has an ``else`` branch.
To exclude ``if`` statements that have an ``else`` branch:
#. Extend the ``where`` clause to include the following extra condition:
.. code-block:: ql
and not exists(ifstmt.getOrelse())
The ``where`` clause is now:
.. code-block:: ql
where pass = ifstmt.getStmt(0) and
pass instanceof Pass and
not exists(ifstmt.getOrelse())
#. Re-run the query.
There are now fewer results because ``if`` statements with an ``else`` branch are no longer included.
Further reading
---------------
.. include:: ../reusables/python-further-reading.rst
.. include:: ../reusables/codeql-ref-tools-further-reading.rst
.. Article-specific substitutions for the reusables used in docs/codeql/reusables/vs-code-basic-instructions
.. |language-text| replace:: Python
.. |language-code| replace:: ``python``
.. |example-url| replace:: https://github.com/saltstack/salt
.. |image-quick-query| image:: ../images/codeql-for-visual-studio-code/quick-query-tab-python.png
.. |result-col-1| replace:: The first column corresponds to the expression ``ifstmt`` and is linked to the location in the source code of the project where ``ifstmt`` occurs.
Reference in New Issue View Git Blame Copy Permalink