search

github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
https://codeql.github.com
MIT License
7.67k stars 1.54k forks source link

LGTM.com - false positive: `import os` counts as syntax error #9940

Open dorschw opened 2 years ago

dorschw commented 2 years ago

import os is not a syntax error, nor can I see any special chars that may count as one. The code runs just fine

https://lgtm.com/projects/g/demisto/content/snapshot/5c6a7407d70b6c848c71537e58109d556ef5653b/files/Tests/scripts/collect_tests/collect_tests.py?sort=name&dir=ASC&mode=heatmap#x8c3e1b95a9b08ffa:1

hmakholm commented 2 years ago

Thanks for the report. This looks like an internal error in CodeQL's Python support. I'll pass it on to our Python analysis experts.

aibaars commented 2 years ago

@dorschw The import os line looks indeed fine. However, Python 3.8.10 appears to give a syntax error on line 172: https://lgtm.com/projects/g/demisto/content/snapshot/5c6a7407d70b6c848c71537e58109d556ef5653b/files/Tests/scripts/collect_tests/collect_tests.py?sort=name&dir=ASC&mode=heatmap#L172

Probably the syntax error from LGTM is lacking proper location information causing it to be reported on line 1.

dorschw commented 2 years ago

Cool, thanks

On Mon, Aug 1, 2022, 18:55 Arthur Baars @.***> wrote:

@dorschw https://urldefense.com/v3/__https://github.com/dorschw__;!!Mt_FR42WkD9csi9Y!aRB3_x7u28ATQiiE6ci-FoSKL0A6aAc4ZrVA4KbNOyAgaCefyw04pv8ka-Ru2wwqkgGlrhzNxvRDmqTMAFAwqVXlZopAcn_URw$ The import os line looks indeed fine. However, Python 3.8.10 appears to give a syntax error on line 172: https://lgtm.com/projects/g/demisto/content/snapshot/5c6a7407d70b6c848c71537e58109d556ef5653b/files/Tests/scripts/collect_tests/collect_tests.py?sort=name&dir=ASC&mode=heatmap#L172 https://urldefense.com/v3/__https://lgtm.com/projects/g/demisto/content/snapshot/5c6a7407d70b6c848c71537e58109d556ef5653b/files/Tests/scripts/collect_tests/collect_tests.py?sort=name&dir=ASC&mode=heatmap*L172__;Iw!!Mt_FR42WkD9csi9Y!aRB3_x7u28ATQiiE6ci-FoSKL0A6aAc4ZrVA4KbNOyAgaCefyw04pv8ka-Ru2wwqkgGlrhzNxvRDmqTMAFAwqVXlZooVCuspLA$

Probably the syntax error from LGTM is lacking proper location information causing it to be reported on line 1.

— Reply to this email directly, view it on GitHub https://urldefense.com/v3/__https://github.com/github/codeql/issues/9940*issuecomment-1201387385__;Iw!!Mt_FR42WkD9csi9Y!aRB3_x7u28ATQiiE6ci-FoSKL0A6aAc4ZrVA4KbNOyAgaCefyw04pv8ka-Ru2wwqkgGlrhzNxvRDmqTMAFAwqVXlZoqRDZGnng$, or unsubscribe https://urldefense.com/v3/__https://github.com/notifications/unsubscribe-auth/ATKUQ7TOJHEU5ZXSOVHMBSTVW7XPBANCNFSM55H74DXA__;!!Mt_FR42WkD9csi9Y!aRB3_x7u28ATQiiE6ci-FoSKL0A6aAc4ZrVA4KbNOyAgaCefyw04pv8ka-Ru2wwqkgGlrhzNxvRDmqTMAFAwqVXlZopMXZ9s6w$ . You are receiving this because you were mentioned.Message ID: @.***>

RasmusWL commented 2 years ago

Hi @dorschw, thanks for reporting this :+1: I think you might have found a bug in our parser, since we do support Python 3.10 and match (which is why @aibaars got syntax error on Python 3.8.10).

I'll look a bit more into it :blush: