C++: Add missing parent scope cases #17776
Conversation
| @@ -14,7 +17,11 @@ | |||
| | 1 | parents.cpp:4:10:4:10 | f | parents.cpp:4:19:13:5 | { ... } | | |||
| | 1 | parents.cpp:4:19:13:5 | { ... } | parents.cpp:5:11:5:11 | j | | |||
| | 1 | parents.cpp:4:19:13:5 | { ... } | parents.cpp:6:11:10:7 | { ... } | | |||
| | 1 | parents.cpp:4:19:13:5 | { ... } | parents.cpp:11:18:11:18 | e | | |||
There was a problem hiding this comment.
It feels like the parent of e should be something associated with the catch block on line 11, rather than the entire function. I can see that this wouldn't fit the current definition of what getParentScope can return. And what you have is probably good enough for what getParentScope is used for.
There was a problem hiding this comment.
Yeah, agreed. I struggled a bit with that one initially. What I do now seems to be most in line with all the other cases that are there, and what we want when looking for shadowing.
Which query is this? |
|
Yep, discussing the intent with one of the authors might help to untangle what's going on there. |
|
I've reported the issue on the coding standards repo. I assume they'll have a look once they upgrade to CodeQL 2.19.3 or later. |
| this = p and | ||
| ( | ||
| result = p.getFunction() or | ||
| result = p.getCatchBlock().getParent().(Handler).getParent().(TryStmt).getParent() or |
There was a problem hiding this comment.
@jketema Could you explain the rationale behind making the parent scope of a catch block parameter the parent scope of the TryStmt? Surely it should be the catch block itself?
This is what is breaking the Coding Standards IdentifierHiding.ql query. That query tries to find pairs of identifiers where the second hides the first. By considering to the parameter of a catch block to have a parent scope of the parent of the TryStmt we erroneously report cases like this:
{
int i; // COMPLIANT
}
try {
} catch (int i) { // COMPLIANT
}There was a problem hiding this comment.
Could you explain the rationale behind making the parent scope of a catch block parameter the parent scope of the TryStmt? Surely it should be the catch block itself?
This seemed to be most consistent with the other cases here. For example, for functions the parent scope is the whole function, and not the statement block that forms the body of the function. The latter would correspond with the catch block in the case of a try-catch.
There was a problem hiding this comment.
For example, for functions the parent scope is the whole function
Just checking, but I presume you mean "for parameters the parent scope is the whole function"?
If so, I think it would be reasonable on that basis to report the Handler of the CatchBlock as the parent scope of the parameter. But reporting the parent of the TryStmt as the "scope" erroneously puts it in the same scope as other variables declared outside the TryStmt. Given the main purpose of this predicate is to support identifier hiding queries, this seems like it's not ideal.
There was a problem hiding this comment.
The problem is that Handler is not exposed anywhere else in the QL API, and it's only really visible in the AST, so that's far from ideal either.
This is mostly used to detect the shadowing of variable declarations.
DCA shows no changes. This does break some coding standards tests. I'll update the test results there after this is merged, and open an issue that informs the coding standards people of this. I briefly looked at fixing the query, but (a) it's not clearly documented what the query should do, and (b) this requires digging through about 400 lines of query code, which I find very hard to follow.
Pull Request checklist
All query authors
.qhelp. See the documentation in this repository.Internal query authors only
.ql,.qll, or.qhelpfiles. See the documentation (internal access required).