Uploaded image for project: 'SonarJava'
  1. SonarJava
  2. SONARJAVA-3552

Rule S5996: Regex boundaries should not be used in a way that can never match

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.10
    • Component/s: Rules
    • Labels:

      Description

      1. Find all relevant boundaries (^, $, \A, \Z, \z) in the regex using a visitation of the AST.
      2. For each boundary check whether it can reach the end-of-the-regex state without consuming input using the linked helper method.
      3. If it can't, report an issue.

      Compared to the current implementation of S5840 this will avoid false positives if the boundary is nested inside other syntactic constructs (like in a look around).

        Attachments

          Issue Links

          depends upon

          Task - A task that needs to be done. SONARJAVA-3549 Add support for automata-based analyses for regular expressions

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. SONARJAVA-3551 Implement helper to find whether state in regex automaton is reachable without consuming input

          • Major - Major loss of function.
          • Closed
          implements

          Bug Detection - RSPEC-5996 Regex boundaries should not be used in a way that can never be matched

          • Active

            Activity

              People

              Assignee:
              sebastian.hungerecker Sebastian Hungerecker
              Reporter:
              sebastian.hungerecker Sebastian Hungerecker
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: