codeql/go/ql/test/query-tests/InconsistentCode/UnhandledCloseWritableHandle/tests.go at 7b2912376b657ff328f8cf3e94f49b94d4ed998a · owen-mc/codeql · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
package test

import (
	"io"
	"log"
	"os"
)

func closeFileDeferred(f *os.File) {
	defer f.Close() // $ Alert=w Alert=rw
}

func closeFileDeferredIndirect(f *os.File) {
	var cont = func() {
		f.Close() // $ Alert=w Alert=rw
	}

	defer cont()
}

func closeFileDeferredIndirectReturn(f *os.File) {
	var cont = func() error {
		return f.Close() // OK, because this function returns the error
	}

	// different (more general) problem: deferred error
	defer cont()
}

func deferredCalls() {
	// open file for writing
	if f, err := os.OpenFile("foo.txt", os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0666); err != nil { // $ Source=w
		closeFileDeferred(f)               // NOT OK
		closeFileDeferredIndirect(f)       // NOT OK
		closeFileDeferredIndirectReturn(f) // OK - the error is not discarded at the call to Close (though it is discarded later)
	}

	// open file for reading
	if f, err := os.OpenFile("foo.txt", os.O_RDONLY|os.O_CREATE, 0666); err != nil {
		closeFileDeferred(f)               // OK
		closeFileDeferredIndirect(f)       // OK
		closeFileDeferredIndirectReturn(f) // OK
	}

	// open file for reading and writing
	if f, err := os.OpenFile("foo.txt", os.O_RDWR|os.O_TRUNC|os.O_CREATE, 0666); err != nil { // $ Source=rw
		closeFileDeferred(f)               // NOT OK
		closeFileDeferredIndirect(f)       // NOT OK
		closeFileDeferredIndirectReturn(f) // OK - the error is not discarded at the call to Close (though it is discarded later)
	}
}

func notDeferred() {
	// open file for writing
	if f, err := os.OpenFile("foo.txt", os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0666); err != nil { // $ Source
		// the handle is write-only and we don't check if `Close` succeeds
		f.Close() // $ Alert
	}

	// open file for reading
	if f, err := os.OpenFile("foo.txt", os.O_RDONLY|os.O_CREATE, 0666); err != nil {
		// the handle is read-only, so this is ok
		f.Close() // OK
	}

	// open file for reading and writing
	if f, err := os.OpenFile("foo.txt", os.O_RDWR|os.O_TRUNC|os.O_CREATE, 0666); err != nil { // $ Source
		// the handle is read-write and we don't check if `Close` succeeds
		f.Close() // $ Alert
	}
}

func foo() error {
	// open file for writing
	if f, err := os.OpenFile("foo.txt", os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0666); err != nil {
		// the result of the call to `Close` is returned to the caller
		return f.Close() // OK
	}

	return nil
}

func isSyncedFirst() {
	// open file for writing
	if f, err := os.OpenFile("foo.txt", os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0666); err != nil {
		// we have a call to `Sync` and check whether it was successful before proceeding
		if err := f.Sync(); err != nil {
			f.Close() // OK
		}
		f.Close() // OK
	}
}

func deferredCloseWithSync() {
	// open file for writing
	if f, err := os.OpenFile("foo.txt", os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0666); err != nil {
		// a call to `Close` is deferred, but we have a call to `Sync` later which
		// precedes the call to `Close` during execution
		defer f.Close() // OK

		if err := f.Sync(); err != nil {
			log.Fatal(err)
		}
	}
}

func deferredCloseWithSyncEarlyReturn(n int) {
	// open file for writing
	if f, err := os.OpenFile("foo.txt", os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0666); err != nil { // $ Source
		// a call to `Close` is deferred
		defer f.Close() // $ Alert

		if n > 100 {
			return
		}

		// we have a call to `Sync` here, but it might not get executed if n <= 100
		if err := f.Sync(); err != nil {
			log.Fatal(err)
		}
	}
}

func unhandledSync() {
	// open file for writing
	if f, err := os.OpenFile("foo.txt", os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0666); err != nil { // $ Source
		// we have a call to `Sync` which precedes the call to `Close`, but there is no check
		// to see if `Sync` may have failed
		f.Sync()
		f.Close() // $ Alert
	}
}

func returnedSync() error {
	// open file for writing
	f, err := os.OpenFile("foo.txt", os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0666)
	if err != nil {
		// we have a call to `Sync` which precedes the call to `Close`, but there is no check
		// to see if `Sync` may have failed
		return err
	}
	defer f.Close()
	return f.Sync()
}

func copyFile(destFile string, mode os.FileMode, src io.Reader) error {
	f, err := os.OpenFile(destFile, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, mode) // $ Source
	if err != nil {
		return err
	}
	defer f.Close() // $ SPURIOUS: Alert

	_, err = io.Copy(f, src)
	if err != nil {
		return err
	}
	return f.Sync()
}