-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add analyzer: Prevent wrong usage of string Split #47927
Comments
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label. |
A more generalized form of this analyzer would be "You used a char, but it got widened to an int when you passed it to this method." Not sure how many false positives such an analyzer would produce. It's common to perform integer arithmetic on chars; e.g., See also #46103. |
cc: @carlossanlop FYI |
Since it's possible to pass a Analyzer: small Example: string txt = "bla bla";
string[] splitted1 = txt.Split(' ', '\t'); // OK because argument is "params char[] separators"
// BEFORE
// Second argument is passed as int because "params" can only be used for the last argument
string[] splitted2 = txt.Split(' ', '\t', StringSplitOptions.RemoveEmptyEntries);
// AFTER
// Suggested fix: Wrap chars in array of chars
string[] splitted2 = txt.Split(new char[] { ' ', '\t' }, StringSplitOptions.RemoveEmptyEntries);
// DO NOT FLAG
// Make sure to detect the data type of the second argument
char c = ' ';
int count = 5;
string[] splitted3 = txt.Split(c, count, StringSplitOptions.RemoveEmptyEntries); |
Using a messaging along the lines of "suspicious cast", having the rule identify calls to string.Split or StringBuilder..ctor that involves an implicit conversion from char to int seems like goodness (and we may add more specific API over time). All of the methods/constructors that we group together in this rule will use the same diagnostic ID. There are some generalizations (any implicit char->int in an argument; or that but only when there's an overload that takes char/string) which would be good to follow up on, but they're out of scope for this issue.
|
I would like to be assigned to this, please. |
Describe the problem you are trying to solve
Consider the following usage of Split on a string where you want to split on space and tab:
var split = s.Split(' ', '\t');
(which works fine)If you now get to the conclusion to remove empty entries, it is tempting to do this:
var split = s.Split(' ', '\t', StringSplitOptions.RemoveEmptyEntries);
But this won't give the expected result and will result in a bug in the application, because the second char is converted to an int and used as the count argument for this overload:
public string[] Split(char separator, int count, StringSplitOptions options = StringSplitOptions.None);
Describe suggestions on how to achieve the rule
To prevent this, an analyzer should detect that a char is passed to the count parameter of this specific overload and should warn that it won't split on that char.
A codefix can provide a conversion to the following:
var split = s.Split(new[] { ' ', '\t' }, StringSplitOptions.RemoveEmptyEntries);
(btw. it would be good to also have a template for analyzers in this repository, not only in the roslyn-analyzers repo)
The text was updated successfully, but these errors were encountered: