These queries are currently run by default, but don't have their results displayed. Looking through results on LGTM.com, they are either false positives (e.g., `BitwiseSignCheck` which flags many perfectly harmless operations and `CompareIdenticalValues` which mostly flags NaN checks) or harmless results that developers are unlikely to care about (e.g., `EmptyArrayInit` or `MisspelledIdentifier`). With this PR, the only queries that are still run but not displayed are security queries, where different considerations may apply.
/**
 * @name Nested loops with same variable
 * @description Nested loops in which the iteration variable is the same for each loop are difficult
 *              to understand.
 * @kind problem
 * @problem.severity warning
 * @id js/nested-loops-with-same-variable
 * @tags maintainability
 *       correctness
 * @precision low
 */
import javascript
/**
 * Gets a variable that acts as an iteration variable of the loop `for`.
 *
 * A variable qualifies when both of the following hold:
 * - one of its accesses is the update clause's operand of some `UpdateExpr`
 *   that is the update clause of `for` or nested inside it, and
 * - one of its accesses is the test of `for` or nested inside it.
 *
 * The two accesses need not be the same access; only the variable is shared.
 */
Variable getAnIterationVariable(ForStmt for) {
  // The variable is the operand of an update expression in the update clause
  // (`getParentExpr*()` is reflexive, so the clause itself counts).
  exists(UpdateExpr step |
    step.getOperand() = result.getAnAccess() and
    step.getParentExpr*() = for.getUpdate()
  ) and
  // The variable is also read somewhere in the loop test.
  for.getTest() = result.getAnAccess().getParentExpr*()
}
// Report every `for` statement nested in another `for` statement where both
// loops test and update the same variable. The alert is placed on the inner
// loop's test; `$@` in the message links to the enclosing loop.
from ForStmt inner, ForStmt outer
where
  exists(Variable shared |
    shared = getAnIterationVariable(inner) and
    shared = getAnIterationVariable(outer)
  ) and
  inner.nestedIn(outer)
select inner.getTest(), "This for statement uses the same loop variable as an enclosing $@.", outer,
  "for statement"