The Wayback Machine - https://web.archive.org/web/20260225114205/https://github.com/github/codeql/pull/8411
Skip to content

Comments

QL: add restrictive transitive closure query#8411

Open
erik-krogh wants to merge 4 commits intogithub:mainfrom
erik-krogh:starRestrict
Open

QL: add restrictive transitive closure query#8411
erik-krogh wants to merge 4 commits intogithub:mainfrom
erik-krogh:starRestrict

Conversation

@erik-krogh
Copy link
Contributor

@erik-krogh erik-krogh commented Mar 11, 2022
edited
Loading

Identifies the mistake fixed in this PR: #8380

Basically, a transitive closure might restrict the type when you do zero steps through it, which might not be intentional.
I think the results found by the query are benign (except for the one already fixed, and the one in the experimental query).

@erik-krogh erik-krogh marked this pull request as ready for review March 11, 2022 20:50
@erik-krogh erik-krogh requested a review from a team as a code owner March 11, 2022 20:50
tausbn
tausbn requested changes Jul 14, 2022
View reviewed changes
Copy link
Contributor

@tausbn tausbn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few comments, otherwise this looks good to me.

Out of interest, is there a "canonical" fix for the case where you don't want the type to be restricted?

ql/ql/src/queries/bugs/RestrictiveClosure.ql Outdated
Comment on lines 46 to 51
not exists(MemberCall memberCall | memberCall.getBase() = c |
not exists(ClassPredicate pred |
pred = superClass*(base).getClassPredicate(memberCall.getMemberName()) and
memberCall.getNumberOfArguments() = pred.getArity()
)
)
Copy link
Contributor

@tausbn tausbn Jul 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not exists ... not ... Is this just a forall?

erik-krogh and others added 2 commits July 14, 2022 23:41
@erik-krogh @tausbn
fix typo
57bef54 
Co-authored-by: Taus <tausbn@github.com>
@erik-krogh
simplify code based on review
940d366
@erik-krogh
Copy link
Contributor Author

erik-krogh commented Aug 9, 2022

Out of interest, is there a "canonical" fix for the case where you don't want the type to be restricted?

The fix I went for was to replace: stepPred*(x) with [x, stepPred+(x)].
That fix should work in all cases.

@erik-krogh erik-krogh requested a review from tausbn August 9, 2022 19:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tausbn tausbn Awaiting requested review from tausbn

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

QL-for-QL

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@erik-krogh @tausbn
HTTPS · web.archive.org
← Home