|
| 1 | +.. _basic-query-for-swift-code: |
| 2 | + |
| 3 | +Basic query for Swift code |
| 4 | +========================= |
| 5 | + |
| 6 | +Learn to write and run a simple CodeQL query using Visual Studio Code with the CodeQL extension. |
| 7 | + |
| 8 | +.. include:: ../reusables/vs-code-basic-instructions/setup-to-run-queries.rst |
| 9 | + |
| 10 | +About the query |
| 11 | +--------------- |
| 12 | + |
| 13 | +The query we're going to run performs a basic search of the code for ``if`` expressions that are redundant, in the sense that they have an empty ``then`` branch. For example, code such as: |
| 14 | + |
| 15 | +.. code-block:: swift |
| 16 | +
|
| 17 | + if error { |
| 18 | + // we should handle the error |
| 19 | + } |
| 20 | +
|
| 21 | +.. include:: ../reusables/vs-code-basic-instructions/find-database.rst |
| 22 | + |
| 23 | +Running a quick query |
| 24 | +--------------------- |
| 25 | + |
| 26 | +.. include:: ../reusables/vs-code-basic-instructions/run-quick-query-1.rst |
| 27 | + |
| 28 | +#. In the quick query tab, delete the content and paste in the following query. |
| 29 | + |
| 30 | + .. code-block:: ql |
| 31 | +
|
| 32 | + import swift |
| 33 | +
|
| 34 | + from IfStmt ifStmt |
| 35 | + where ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0 |
| 36 | + select ifStmt, "This 'if' statement is redundant." |
| 37 | +
|
| 38 | +.. include:: ../reusables/vs-code-basic-instructions/run-quick-query-2.rst |
| 39 | + |
| 40 | +.. image:: ../images/codeql-for-visual-studio-code/basic-swift-query-results-1.png |
| 41 | + :align: center |
| 42 | + |
| 43 | +If any matching code is found, click a link in the ``ifStmt`` column to open the file and highlight the matching ``if`` statement. |
| 44 | + |
| 45 | +.. image:: ../images/codeql-for-visual-studio-code/basic-swift-query-results-2.png |
| 46 | + :align: center |
| 47 | + |
| 48 | +.. include:: ../reusables/vs-code-basic-instructions/note-store-quick-query.rst |
| 49 | + |
| 50 | +About the query structure |
| 51 | +~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 52 | + |
| 53 | +After the initial ``import`` statement, this simple query comprises three parts that serve similar purposes to the FROM, WHERE, and SELECT parts of an SQL query. |
| 54 | + |
| 55 | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ |
| 56 | +| Query part | Purpose | Details | |
| 57 | ++==================================================================+===================================================================================================================+=================================================================================================+ |
| 58 | +| ``import swift`` | Imports the standard CodeQL AST libraries for Swift. | Every query begins with one or more ``import`` statements. | |
| 59 | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ |
| 60 | +| ``from IfStmt ifStmt`` | Defines the variables for the query. | We use: an ``IfStmt`` variable for ``if`` statements. | |
| 61 | +| | Declarations are of the form: | | |
| 62 | +| | ``<type> <variable name>`` | | |
| 63 | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ |
| 64 | +| ``where ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0`` | Defines a condition on the variables. | ``ifStmt.getThen()``: gets the ``then`` branch of the ``if`` expression. | |
| 65 | +| | | ``.(BraceStmt)``: requires that the ``then`` branch is a brace statement (``{ }``). | |
| 66 | +| | | ``.getNumberOfElements() = 0``: requires that the brace statement contains no child statements. | |
| 67 | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ |
| 68 | +| ``select ifStmt, "This 'if' statement is redundant."`` | Defines what to report for each match. | Reports the resulting ``if`` statement with a string that explains the problem. | |
| 69 | +| | | | |
| 70 | +| | ``select`` statements for queries that are used to find instances of poor coding practice are always in the form: | | |
| 71 | +| | ``select <program element>, "<alert message>"`` | | |
| 72 | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ |
| 73 | + |
| 74 | +Extend the query |
| 75 | +---------------- |
| 76 | + |
| 77 | +Query writing is an inherently iterative process. You write a simple query and then, when you run it, you discover examples that you had not previously considered, or opportunities for improvement. |
| 78 | + |
| 79 | +Remove false positive results |
| 80 | +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 81 | + |
| 82 | +Browsing the results of our basic query shows that it could be improved. Among the results you are likely to find examples of ``if`` statements with an ``else`` branch, where an empty ``then`` branch does serve a purpose. For example: |
| 83 | + |
| 84 | +.. code-block:: swift |
| 85 | +
|
| 86 | + if (option == "-verbose") { |
| 87 | + // nothing to do - handled earlier |
| 88 | + } else { |
| 89 | + handleError("unrecognized option") |
| 90 | + } |
| 91 | +
|
| 92 | +In this case, identifying the ``if`` statement with the empty ``then`` branch as redundant is a false positive. One solution to this is to modify the query to select ``if`` statements where both the ``then`` and ``else`` branches are missing. |
| 93 | + |
| 94 | +To exclude ``if`` statements that have an ``else`` branch: |
| 95 | + |
| 96 | +#. Add the following to the where clause: |
| 97 | + |
| 98 | + .. code-block:: ql |
| 99 | +
|
| 100 | + and not exists(ifStmt.getElse()) |
| 101 | +
|
| 102 | + The ``where`` clause is now: |
| 103 | + |
| 104 | + .. code-block:: ql |
| 105 | +
|
| 106 | + where |
| 107 | + ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0 and |
| 108 | + not exists(ifStmt.getElse()) |
| 109 | +
|
| 110 | +#. Re-run the query. |
| 111 | + |
| 112 | + There are now fewer results because ``if`` expressions with an ``else`` branch are no longer included. |
| 113 | + |
| 114 | +Further reading |
| 115 | +--------------- |
| 116 | + |
| 117 | +.. include:: ../reusables/swift-further-reading.rst |
| 118 | +.. include:: ../reusables/codeql-ref-tools-further-reading.rst |
| 119 | + |
| 120 | +.. Article-specific substitutions for the reusables used in docs/codeql/reusables/vs-code-basic-instructions |
| 121 | +
|
| 122 | +.. |language-text| replace:: Swift |
| 123 | + |
| 124 | +.. |language-code| replace:: ``swift`` |
| 125 | + |
| 126 | +.. |example-url| replace:: https://github.com/alamofire/alamofire |
| 127 | + |
| 128 | +.. |image-quick-query| image:: ../images/codeql-for-visual-studio-code/quick-query-tab-swift.png |
| 129 | + |
| 130 | +.. |result-col-1| replace:: The first column corresponds to the expression ``ifStmt`` and is linked to the location in the source code of the project where ``ifStmt`` occurs. |
0 commit comments