Extend ascii-code-point-written-as-int-literal.ql to cover comparisons

Marcono1234 · Marcono1234 · commit d0e40f5a99de · 2024-07-18T22:57:08.000+02:00
diff --git a/codeql-custom-queries-java/queries/error-prone/ascii-code-point-written-as-int-literal.ql b/codeql-custom-queries-java/queries/error-prone/ascii-code-point-written-as-int-literal.ql
@@ -8,15 +8,47 @@
  *     return c >= 97 && c <= 122;
  * }
  * ```
+ *
+ * @kind problem
+ * @id TODO
  */
 
 import java
 import semmle.code.java.Conversions
 
+predicate isUsedAsChar(IntegerLiteral intLiteral) {
+  intLiteral.(ConversionSite).getConversionTarget() instanceof CharacterType and
+  // Ignore if used in arithmetic operation; probably only have to consider AssignOp (e.g. `+=`) because for
+  // other arithmetic operations implicit conversion to greater numeric type (e.g. `int`) occurs (?)
+  not any(AssignOp a).getRhs() = intLiteral
+  or
+  // Or comparing with a char value
+  exists(BinaryExpr comp |
+    comp instanceof EqualityTest
+    or
+    comp instanceof ComparisonExpr and
+    // But only consider when comparing with an alpha-numeric char (a-z, A-Z, 0-9)
+    // Control code checks such as `c < 0x20` might be easier to understand than `c < ' '`
+    exists(int codePoint | codePoint = intLiteral.getIntValue() |
+      codePoint = [97 .. 122] or codePoint = [65 .. 90] or codePoint = [48 .. 57]
+    )
+  |
+    comp.getAnOperand() = intLiteral and comp.getAnOperand().getType() instanceof CharacterType
+  )
+  or
+  // Or calling `Character.equals`
+  exists(MethodAccess equalsCall |
+    equalsCall.getMethod() instanceof EqualsMethod and
+    equalsCall.getQualifier().getType().(RefType).hasQualifiedName("java.lang", "Character") and
+    equalsCall.getArgument(0) = intLiteral
+  )
+}
+
 from IntegerLiteral intLiteral, int codePoint, string asciiChar
 where
-    intLiteral.(ConversionSite).getConversionTarget() instanceof CharacterType
-    and codePoint = intLiteral.getIntValue()
-    and codePoint in [32 .. 126]
-    and asciiChar = codePoint.toUnicode()
-select intLiteral, "Uses int literal instead of char literal for printable ASCII char '" + asciiChar + "'"
+  isUsedAsChar(intLiteral) and
+  codePoint = intLiteral.getIntValue() and
+  codePoint in [32 .. 126] and
+  asciiChar = codePoint.toUnicode()
+select intLiteral,
+  "Uses int literal instead of char literal for printable ASCII char '" + asciiChar + "'"
