Merge pull request #1223 from geoffw0/commentedoutcode

rdmarsh2 · web-flow · commit 75ab311c3a19 · 2019-04-09T16:16:19.000-04:00
CPP: Detect commented out preprocessor logic
diff --git a/change-notes/1.21/analysis-cpp.md b/change-notes/1.21/analysis-cpp.md
@@ -11,6 +11,7 @@
 
 | **Query**                  | **Expected impact**    | **Change**                                                       |
 |----------------------------|------------------------|------------------------------------------------------------------|
+| Commented-out code (`cpp/commented-out-code`) | More correct results | Commented out preprocessor code is now detected by this query. |
 | Dead code due to goto or break statement (`cpp/dead-code-goto`) | Fewer false positive results | Functions containing preprocessor logic are now excluded from this analysis. |
 | Mismatching new/free or malloc/delete (`cpp/new-free-mismatch`) | Fewer false positive results | Fixed an issue where functions were being identified as allocation functions inappropriately.  Also affects `cpp/new-array-delete-mismatch` and `cpp/new-delete-array-mismatch`. |
 | Overflow in uncontrolled allocation size (`cpp/uncontrolled-allocation-size`) | More correct results | This query has been reworked so that it can find a wider variety of results. |
diff --git a/cpp/ql/src/Documentation/CommentedOutCode.qll b/cpp/ql/src/Documentation/CommentedOutCode.qll
@@ -2,45 +2,57 @@ import cpp
 
 /**
  * Holds if `line` looks like a line of code.
- * Matches comment lines ending with '{', '}' or ';' that do not start with '>' or contain '@{' or '@}', but first filters out:
- *  * HTML entities in common notation (e.g. &amp;gt; and &amp;eacute;)
- *  * HTML entities in decimal notation (e.g. a&amp;#768;)
- *  * HTML entities in hexadecimal notation (e.g. &amp;#x705F;)
- * To account for the code generated by protobuf, we also insist that the comment
- * does not begin with `optional` or `repeated` and end with a `;`, which would
- * normally be a quoted bit of literal `.proto` specification above the associated
- * declaration.
- * To account for emacs folding markers, we ignore any line containing
- * `{{{` or `}}}`.
- *
- * Finally, some code tends to embed GUIDs in comments, so we also exclude those.
  */
 bindingset[line]
 private predicate looksLikeCode(string line) {
-    exists(string trimmed |
-           trimmed = line.regexpReplaceAll("(?i)(^\\s+|&#?[a-z0-9]{1,31};|\\s+$)", "") |
-           trimmed.regexpMatch(".*[{};]")
-           and (
-              // If this line looks like code because it ends with a closing
-              // brace that's preceded by something other than whitespace ...
-              trimmed.regexpMatch(".*.\\}")
-              implies
-              // ... then there has to be ") {" (or some variation)
-              // on the line, suggesting it's a statement like `if`
-              // or a function declaration. Otherwise it's likely to be a
-              // benign use of braces such as a JSON example or explanatory
-              // pseudocode.
-              trimmed.regexpMatch(".*(\\)|const|volatile|override|final|noexcept|&)\\s*\\{.*")
-           )
-           and not trimmed.regexpMatch("(>.*|.*[\\\\@][{}].*|(optional|repeated) .*;|.*(\\{\\{\\{|\\}\\}\\}).*|\\{[-0-9a-zA-Z]+\\})"))
+  exists(string trimmed |
+    // trim leading and trailing whitespace, and HTML codes: 
+    //  * HTML entities in common notation (e.g. &amp;gt; and &amp;eacute;)
+    //  * HTML entities in decimal notation (e.g. a&amp;#768;)
+    //  * HTML entities in hexadecimal notation (e.g. &amp;#x705F;)
+    trimmed = line.regexpReplaceAll("(?i)(^\\s+|&#?[a-z0-9]{1,31};|\\s+$)", "")
+  |
+    (
+      (
+        // Match comment lines ending with '{', '}' or ';'
+        trimmed.regexpMatch(".*[{};]") and
+        (
+          // If this line looks like code because it ends with a closing
+          // brace that's preceded by something other than whitespace ...
+          trimmed.regexpMatch(".*.\\}")
+          implies
+          // ... then there has to be ") {" (or some variation)
+          // on the line, suggesting it's a statement like `if`
+          // or a function definition. Otherwise it's likely to be a
+          // benign use of braces such as a JSON example or explanatory
+          // pseudocode.
+          trimmed.regexpMatch(".*(\\)|const|volatile|override|final|noexcept|&)\\s*\\{.*")
+        )
+      ) or (
+        // Match comment lines that look like preprocessor code
+        trimmed.regexpMatch("#\\s*(include|define|undef|if|ifdef|ifndef|elif|else|endif|error|pragma)\\b.*")
+      )
+    ) and (
+      // Exclude lines that start with '>' or contain '@{' or '@}'.
+      // To account for the code generated by protobuf, we also insist that the comment
+      // does not begin with `optional` or `repeated` and end with a `;`, which would
+      // normally be a quoted bit of literal `.proto` specification above the associated
+      // declaration.
+      // To account for emacs folding markers, we ignore any line containing
+      // `{{{` or `}}}`.
+      // Finally, some code tends to embed GUIDs in comments, so we also exclude those.
+      not trimmed
+        .regexpMatch("(>.*|.*[\\\\@][{}].*|(optional|repeated) .*;|.*(\\{\\{\\{|\\}\\}\\}).*|\\{[-0-9a-zA-Z]+\\})")
+    )
+  )
 }
 
 /**
  * The line of a C++-style comment within its file `f`.
  */
 private int lineInFile(CppStyleComment c, File f) {
-    f = c.getFile() and
-    result = c.getLocation().getStartLine()
+  f = c.getFile() and
+  result = c.getLocation().getStartLine()
 }
 
 /**
@@ -53,11 +65,12 @@ private int lineInFile(CppStyleComment c, File f) {
  * without line comments would increase the line number without increasing
  * the rank and thus force a change of block ID.
  */
-private pragma[nomagic] int commentLineBlockID(File f, int line) {
-    exists(int lineRank |
-        line = rank[lineRank](lineInFile(_, f)) and
-        result = line - lineRank
-    )
+pragma[nomagic]
+private int commentLineBlockID(File f, int line) {
+  exists(int lineRank |
+    line = rank[lineRank](lineInFile(_, f)) and
+    result = line - lineRank
+  )
 }
 
 /**
@@ -67,80 +80,80 @@ private pragma[nomagic] int commentLineBlockID(File f, int line) {
  * for separate runs.
  */
 private int commentId(CppStyleComment c, File f, int line) {
-    result = commentLineBlockID(f, line) and
-    line = lineInFile(c, f)
+  result = commentLineBlockID(f, line) and
+  line = lineInFile(c, f)
 }
 
 /**
  * A contiguous block of comments.
  */
 class CommentBlock extends Comment {
-    CommentBlock() {
-        this instanceof CppStyleComment implies
-        not exists(CppStyleComment pred, File f | lineInFile(pred, f) + 1 = lineInFile(this, f))
-    }
+  CommentBlock() {
+    this instanceof CppStyleComment
+    implies
+    not exists(CppStyleComment pred, File f | lineInFile(pred, f) + 1 = lineInFile(this, f))
+  }
 
-    /**
-     * Gets the `i`th comment associated with this comment block.
-     */
-    Comment getComment(int i) {
-        (i = 0 and result = this) or
-        exists(File f, int thisLine, int resultLine |
-            commentId(this, f, thisLine) = commentId(result, f, resultLine) |
-            i = resultLine - thisLine
-        )
-    }
+  /**
+   * Gets the `i`th comment associated with this comment block.
+   */
+  Comment getComment(int i) {
+    i = 0 and result = this
+    or
+    exists(File f, int thisLine, int resultLine |
+      commentId(this, f, thisLine) = commentId(result, f, resultLine)
+    |
+      i = resultLine - thisLine
+    )
+  }
 
-    Comment lastComment() {
-        result = this.getComment(max(int i | exists(this.getComment(i))))
-    }
+  Comment lastComment() { result = this.getComment(max(int i | exists(this.getComment(i)))) }
 
-    string getLine(int i) {
-        this instanceof CStyleComment and result = this.getContents().regexpCapture("(?s)/\\*+(.*)\\*+/", 1).splitAt("\n", i)
-        or
-        this instanceof CppStyleComment and result = this.getComment(i).getContents().suffix(2)
-    }
+  string getLine(int i) {
+    this instanceof CStyleComment and
+    result = this.getContents().regexpCapture("(?s)/\\*+(.*)\\*+/", 1).splitAt("\n", i)
+    or
+    this instanceof CppStyleComment and result = this.getComment(i).getContents().suffix(2)
+  }
 
-    int numLines() {
-        result = strictcount(int i, string line | line = this.getLine(i) and line.trim() != "")
-    }
+  int numLines() {
+    result = strictcount(int i, string line | line = this.getLine(i) and line.trim() != "")
+  }
 
-    int numCodeLines() {
-        result = strictcount(int i, string line | line = this.getLine(i) and looksLikeCode(line))
-    }
+  int numCodeLines() {
+    result = strictcount(int i, string line | line = this.getLine(i) and looksLikeCode(line))
+  }
 
-    predicate isDocumentation() {
-        // If a C-style comment starts each line with a *, then it's
-        // probably documentation rather than code.
-        this instanceof CStyleComment and
-        forex(int i | i in [1 .. this.numLines() - 1]
-                    | this.getLine(i).trim().matches("*%"))
-    }
+  predicate isDocumentation() {
+    // If a C-style comment starts each line with a *, then it's
+    // probably documentation rather than code.
+    this instanceof CStyleComment and
+    forex(int i | i in [1 .. this.numLines() - 1] | this.getLine(i).trim().matches("*%"))
+  }
 
-    predicate isCommentedOutCode() {
-        not this.isDocumentation() and
-        this.numCodeLines().(float) / this.numLines().(float) > 0.5
-    }
+  predicate isCommentedOutCode() {
+    not this.isDocumentation() and
+    this.numCodeLines().(float) / this.numLines().(float) > 0.5
+  }
 
-    /**
-     * Holds if this element is at the specified location.
-     * The location spans column `startcolumn` of line `startline` to
-     * column `endcolumn` of line `endline` in file `filepath`.
-     * For more information, see
-     * [Locations](https://help.semmle.com/QL/learn-ql/ql/locations.html).
-     */
-    predicate hasLocationInfo(string filepath, int startline, int startcolumn, int endline, int endcolumn) {
-        this.getLocation().hasLocationInfo(filepath, startline, startcolumn, _, _) and
-        this.lastComment().getLocation().hasLocationInfo(_, _, _, endline, endcolumn)
-    }
+  /**
+   * Holds if this element is at the specified location.
+   * The location spans column `startcolumn` of line `startline` to
+   * column `endcolumn` of line `endline` in file `filepath`.
+   * For more information, see
+   * [Locations](https://help.semmle.com/QL/learn-ql/ql/locations.html).
+   */
+  predicate hasLocationInfo(
+    string filepath, int startline, int startcolumn, int endline, int endcolumn
+  ) {
+    this.getLocation().hasLocationInfo(filepath, startline, startcolumn, _, _) and
+    this.lastComment().getLocation().hasLocationInfo(_, _, _, endline, endcolumn)
+  }
 }
 
 /**
  * A piece of commented-out code, identified using heuristics
  */
 class CommentedOutCode extends CommentBlock {
-    CommentedOutCode() {
-        this.isCommentedOutCode()
-    }
+  CommentedOutCode() { this.isCommentedOutCode() }
 }
-
diff --git a/cpp/ql/test/query-tests/Documentation/CommentedOutCode/CommentedOutCode.expected b/cpp/ql/test/query-tests/Documentation/CommentedOutCode/CommentedOutCode.expected
@@ -1,6 +1,13 @@
 | test2.cpp:37:1:37:39 | // int myFunction() { return myValue; } | This comment appears to contain commented-out code |
 | test2.cpp:39:1:39:45 | // int myFunction() const { return myValue; } | This comment appears to contain commented-out code |
 | test2.cpp:41:1:41:54 | // int myFunction() const noexcept { return myValue; } | This comment appears to contain commented-out code |
+| test2.cpp:43:1:43:18 | // #define MYMACRO | This comment appears to contain commented-out code |
+| test2.cpp:45:1:45:23 | // #include "include.h" | This comment appears to contain commented-out code |
+| test2.cpp:47:1:51:2 | /*\n#ifdef\nvoid myFunction();\n#endif\n*/ | This comment appears to contain commented-out code |
+| test2.cpp:59:1:59:24 | // #if(defined(MYMACRO)) | This comment appears to contain commented-out code |
+| test2.cpp:63:1:63:15 | // #pragma once | This comment appears to contain commented-out code |
+| test2.cpp:65:1:65:17 | //  # pragma once | This comment appears to contain commented-out code |
+| test2.cpp:67:1:67:19 | /*#error"myerror"*/ | This comment appears to contain commented-out code |
 | test.c:2:1:2:22 | // commented out code; | This comment appears to contain commented-out code |
 | test.c:4:1:7:8 | // some; | This comment appears to contain commented-out code |
 | test.c:9:1:13:8 | // also; | This comment appears to contain commented-out code |
diff --git a/cpp/ql/test/query-tests/Documentation/CommentedOutCode/test2.cpp b/cpp/ql/test/query-tests/Documentation/CommentedOutCode/test2.cpp
@@ -39,3 +39,29 @@
 // int myFunction() const { return myValue; }
 
 // int myFunction() const noexcept { return myValue; }
+
+// #define MYMACRO
+
+// #include "include.h"
+
+/*
+#ifdef
+void myFunction();
+#endif
+*/
+
+// define some constants
+
+// don't #include anything here
+
+// #hashtag
+
+// #if(defined(MYMACRO))
+
+// #iffy
+
+// #pragma once
+
+//  # pragma once
+
+/*#error"myerror"*/
