From 5a3466e3edafdc53ffdee293ae03932cbedd8999 Mon Sep 17 00:00:00 2001 From: neal1991 Date: Wed, 23 Dec 2020 13:20:10 +0800 Subject: [PATCH 1/2] address issue #4870 to elimate false positive results --- docs/codeql/codeql-language-guides/javadoc.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/codeql/codeql-language-guides/javadoc.rst b/docs/codeql/codeql-language-guides/javadoc.rst index 7e16cc6ce36c..1289df79a956 100644 --- a/docs/codeql/codeql-language-guides/javadoc.rst +++ b/docs/codeql/codeql-language-guides/javadoc.rst @@ -88,7 +88,7 @@ It's now easy to add another conjunct to the ``where`` clause, restricting the q from Callable c, ParamTag pt where c.getDoc().getJavadoc() = pt.getParent() and - not c.getAParameter().hasName(pt.getParamName()) + not c.getAParameter().hasName(pt.getParamName().replaceAll(",", "")) select pt, "Spurious @param tag." Example: Finding spurious @throws tags From 65039693b096d84691ac7520f409066db32e5d2b Mon Sep 17 00:00:00 2001 From: neal1991 Date: Wed, 23 Dec 2020 14:06:13 +0800 Subject: [PATCH 2/2] add more charaters to elimate --- docs/codeql/codeql-language-guides/javadoc.rst | 2 +- .../Advisory/Documentation/SpuriousJavadocParam.ql | 12 +++++++----- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/docs/codeql/codeql-language-guides/javadoc.rst b/docs/codeql/codeql-language-guides/javadoc.rst index 1289df79a956..0e456bb35beb 100644 --- a/docs/codeql/codeql-language-guides/javadoc.rst +++ b/docs/codeql/codeql-language-guides/javadoc.rst @@ -88,7 +88,7 @@ It's now easy to add another conjunct to the ``where`` clause, restricting the q from Callable c, ParamTag pt where c.getDoc().getJavadoc() = pt.getParent() and - not c.getAParameter().hasName(pt.getParamName().replaceAll(",", "")) + not c.getAParameter().hasName(pt.getParamName().regexpReplaceAll(",|:|\\.","")) select pt, "Spurious @param tag." Example: Finding spurious @throws tags 
diff --git a/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql b/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql index 88c100b86931..8e876c2a144b 100644 --- a/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql +++ b/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql @@ -10,22 +10,24 @@ import java -from Callable callable, ParamTag paramTag, string what, string msg +from Callable callable, ParamTag paramTag, string what, string msg, string paramTagName where callable.(Documentable).getJavadoc().getAChild() = paramTag and (if callable instanceof Constructor then what = "constructor" else what = "method") and - if exists(paramTag.getParamName()) + paramTagName = paramTag.getParamName().regexpReplaceAll(",|:|\\.","") and + if exists(paramTagName) then // The tag's value is neither matched by a callable parameter name ... - not callable.getAParameter().getName() = paramTag.getParamName() and + not callable.getAParameter().getName() = paramTagName and // ... nor by a type parameter name. not exists(TypeVariable tv | tv.getGenericCallable() = callable | - "<" + tv.getName() + ">" = paramTag.getParamName() + "<" + tv.getName() + ">" = paramTagName ) and msg = - "@param tag \"" + paramTag.getParamName() + "\" does not match any actual parameter of " + + "@param tag \"" + paramTagName + "\" does not match any actual parameter of " + what + " \"" + callable.getName() + "()\"." else // The tag has no value at all. msg = "This @param tag does not have a value." select paramTag, msg +
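Review bot: The new conjunct `paramTagName = paramTag.getParamName().regexpReplaceAll(",|:|\\.","")` sits in front of the `if`, so a `@param` tag with no name cannot bind `paramTagName` and the whole `where` clause fails for it. `exists(paramTagName)` is then always true, and the `else` branch that reports "This @param tag does not have a value." looks unreachable, which silently drops that alert. Keep the condition as `if exists(paramTag.getParamName())` and bind the normalised name inside the `then` branch, as sketched below. The pattern also strips `,`, `:` and `.` anywhere in the name rather than only trailing punctuation, so a tag written `a.b` would match a parameter `ab`; anchoring it as `"[,:.]+$"` avoids that. The same unanchored pattern is used in the `javadoc.rst` example.

```ql
from Callable callable, ParamTag paramTag, string what, string msg
where
  // … unchanged: Javadoc-child and constructor/method conjuncts …
  if exists(paramTag.getParamName())
  then
    exists(string paramTagName |
      paramTagName = paramTag.getParamName().regexpReplaceAll(",|:|\\.", "")
    |
      // … unchanged: parameter-name check, type-parameter check and msg, all using paramTagName …
    )
  else
    // … unchanged: "does not have a value" message …
```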