refactor isExplicitConditional into a library file, and use it from js/use-of-returnless-function

erik-krogh · erik-krogh · commit dedae5ba1d3e · 2019-10-08T11:54:56.000+02:00
diff --git a/javascript/ql/src/Statements/UseOfReturnlessFunction.ql b/javascript/ql/src/Statements/UseOfReturnlessFunction.ql
@@ -12,6 +12,7 @@
 import javascript
 import Declarations.UnusedVariable
 import Expressions.ExprHasNoEffect
+import Statements.UselessConditional
 
 predicate returnsVoid(Function f) {
   exists(f.getBody().(Stmt)) and
@@ -57,9 +58,8 @@ predicate benignContext(Expr e) {
   // It is ok (or to be flagged by another query?) to await a non-async function. 
   exists(AwaitExpr await | await.getOperand() = e and benignContext(await)) 
   or
-  
   // Avoid double reporting with js/trivial-conditional
-  exists(IfStmt ifStmt | ifStmt.getCondition() = e)
+  exists(ASTNode cond | isExplicitConditional(cond, e))
   or 
   // Avoid double reporting with js/comparison-between-incompatible-types
   exists(Comparison binOp | binOp.getAnOperand() = e)
diff --git a/javascript/ql/src/Statements/UselessConditional.ql b/javascript/ql/src/Statements/UselessConditional.ql
@@ -16,6 +16,7 @@ import javascript
 import semmle.javascript.RestrictedLocations
 import semmle.javascript.dataflow.Refinements
 import semmle.javascript.DefensiveProgramming
+import UselessConditional
 
 /**
  * Gets the unique definition of `v`.
@@ -123,21 +124,7 @@ predicate whitelist(Expr e) {
   isConstantBooleanReturnValue(e)
 }
 
-/**
- * Holds if `e` is part of a conditional node `cond` that evaluates
- * `e` and checks its value for truthiness, and the return value of `e`
- * is not used for anything other than this truthiness check.
- */
-predicate isExplicitConditional(ASTNode cond, Expr e) {
-  e = cond.(IfStmt).getCondition()
-  or
-  e = cond.(LoopStmt).getTest()
-  or
-  e = cond.(ConditionalExpr).getCondition()
-  or
-  isExplicitConditional(_, cond) and
-  e = cond.(Expr).getUnderlyingValue().(LogicalBinaryExpr).getAnOperand()
-}
+
 
 /**
  * Holds if `e` is part of a conditional node `cond` that evaluates
diff --git a/javascript/ql/src/Statements/UselessConditional.qll b/javascript/ql/src/Statements/UselessConditional.qll
@@ -0,0 +1,17 @@
+import javascript
+
+/**
+ * Holds if `e` is part of a conditional node `cond` that evaluates
+ * `e` and checks its value for truthiness, and the return value of `e`
+ * is not used for anything other than this truthiness check.
+ */
+predicate isExplicitConditional(ASTNode cond, Expr e) {
+  e = cond.(IfStmt).getCondition()
+  or
+  e = cond.(LoopStmt).getTest()
+  or
+  e = cond.(ConditionalExpr).getCondition()
+  or
+  isExplicitConditional(_, cond) and
+  e = cond.(Expr).getUnderlyingValue().(LogicalBinaryExpr).getAnOperand()
+}
diff --git a/javascript/ql/test/query-tests/Statements/UseOfReturnlessFunction/tst.js b/javascript/ql/test/query-tests/Statements/UseOfReturnlessFunction/tst.js
@@ -29,4 +29,12 @@
 	
 	var d = 42 + (42, onlySideEffects()); // NOT OK! 
 	console.log(d);
+	
+	if (onlySideEffects()) { 
+		// nothing.
+	}
+	
+	for (i = 0; onlySideEffects(); i++) {
+		// nothing. 
+	}
 })();
