Range analysis and useless-comparison query: don't treat all unicode surrogates as if they are U+FFFD #7239
Conversation
|
I don't think this is the right fix. Instead I think that |
|
The predicate |
smowton
force-pushed
the
smowton/fix/useless-comparison-surrogates
branch
from
a6ccd43 to
db39c0b
Compare
|
👍 pushed the in-place fix instead |
| @@ -731,7 +743,11 @@ class CharacterLiteral extends Literal, @characterliteral { | |||
| * this literal. The result is the same as if the Java code had cast | |||
| * the character to an `int`. | |||
| */ | |||
| int getCodePointValue() { result.toUnicode() = this.getValue() } | |||
| int getCodePointValue() { | |||
| if this.getLiteral().matches("'\\u%'") | |||
There was a problem hiding this comment.
Let's make the match pattern slightly more precise.
| if this.getLiteral().matches("'\\u%'") | |
| if this.getLiteral().matches("'\\u____'") |
| @@ -713,6 +713,18 @@ class DoubleLiteral extends Literal, @doubleliteral { | |||
| override string getAPrimaryQlClass() { result = "DoubleLiteral" } | |||
| } | |||
|
|
|||
| // Implementation taken from @p0 at https://github.com/github/codeql/issues/4145 | |||
There was a problem hiding this comment.
No need for this comment, I think.
|
@aschackmull done |
There was a problem hiding this comment.
It's technically possible to construct examples where getCodePointValue still returns the wrong value 65533 (when a surrogate literal doesn't match "'\\u____'"), but these examples are extremely obscure, so I'm not sure that it's worth the effort to properly support them until we see an actual need.
No description provided.