Some issues found by static analyzer

Question

Some issues found by static analyzer

woongsikchoi opened this issue 7 years ago · 3 comments

Hi, I am a developer of JavaScript static analyzer called DeepScan.

For benchmarking, I analyzed wwwbasic project's code with DeepScan and found some issues that may cause incorrect behavior and thus better to be fixed. (Here is the detailed issue link)

The issues are:

Issue message: Variable 'b' has an undefined value, which is converted to string value 'undefined' at '+' operator. The value of variable 'b' is originated from the return value of 'Next()' defined at line 203.

    function Term2() {
      var a = Factor();
      while (tok == '\\') {
        var b = Next(); // Here is line 203
        Factor();
        a = 'Math.floor((' + a + ')/(' + b + '))'; // Here is the issue location
      }
      return a;
    }

Instead of Next(), I think Factor() should be assigned to variable b.

Issue message: 'else' keyword appears to be missing in front of 'if' statement.

        } else if (tok == 'base') {
          Skip('base');
          if (tok == '0') {
            option_base = 0;
          } if (tok == '1') { // Here is the issue location
            option_base = 1;
          } else {
            Throw('Unexpected option base "' + tok + '"');
          }
          Next();
        } else {

Because of the missing else, Unexpected option base exception is thrown when tok is '0'.

Answer 1 · 2018-09-24T03:59:42.000Z

Hi woongsikchoi,

Very neat!
Both very subtle bugs that would have been hard to catch with conventional tests.

deepscan looks very useful.

Thanks

-BradN

Answer 2 · 2018-09-24T04:20:31.000Z

Fixed in:
4875121

Answer 3 · 2018-09-24T06:12:35.000Z

Thank you.
It’s good to hear that deepscan looks useful.