Closed Noah0120 closed 3 years ago
Tagging @IagoAbal
What version of Semgrep are you using @Noah0120 ? There was such a bug in an older version (returntocorp/semgrep#3155), but this now works as expected: https://semgrep.dev/s/owbx.
Thanks for your quick response.
I used version 0.53.0 and it had been fixed already!
Thank you for checking this!
Thank you for reporting the issue!
Describe the bug The rule
java.lang.correctness.eqeq.eqeq
produces false positives, when one of the operands isnull
or another primitive value.Firstly, in my opinion, the purpose of this rule may be to detect the cases that return always true by comparing the same value.
However, this rule detects the comparison between a certain variable and a primitive value even if the certain variable may not be primitive value. I think it would be better to be fixed.
To Reproduce In, accumulo/core/src/main/java/org/apache/accumulo/core/clientImpl/lexicoder/ByteUtils.java
In, camel/components/camel-web3j/src/main/java/org/apache/camel/component/web3j/Web3jHelper.java
Expected behavior Didn't show any alarm when there is a possible assignment to the variable.
Priority I think it would be false positives and please check these cases. Thank you:)