Expression has no effect¶
ID: js/useless-expression
Kind: problem
Security severity:
Severity: warning
Precision: very-high
Tags:
- maintainability
- correctness
- external/cwe/cwe-480
- external/cwe/cwe-561
Query suites:
- javascript-security-and-quality.qls
Click to see the query in the CodeQL repository
An expression that has no effects (such as changing variable values or producing output) and occurs in a context where its value is ignored possibly indicates missing code or a latent bug.
Recommendation¶
Carefully inspect the expression to ensure it is not a symptom of a bug. To document that the value of an expression is deliberately ignored, wrap it into a void
expression.
Example¶
The following code snippet accesses the selectedIndex
property of a DOM node to trigger additional processing in certain versions of Safari. This, however, is not clear from the code itself, which looks like a property read whose value is discarded immediately.
elem.parentNode.selectedIndex;
To document the fact that the property read has a hidden side effect and its value is deliberately ignored, it should be wrapped into a void
expression like this:
void(elem.parentNode.selectedIndex);
A common source of warnings are constructor functions that “declare” a property of the newly constructed object without initializing it, by simply referring to it in an expression statement like this:
function Graph(nodes, edges) {
this.nodes = nodes;
this.edges = edges;
// cache minimum distance between pairs of nodes
this.distance;
}
Semantically, this is unnecessary, since the property will be created upon first assignment. If the aim is to document the existence of the property, it would be better to explicitly assign it an initial value, which also serves to document its expected type:
function Graph(nodes, edges) {
this.nodes = nodes;
this.edges = edges;
// cache minimum distance between pairs of nodes
this.distance = {};
}
References¶
JSLint Error Explanations: Expected an assignment or function call.
Common Weakness Enumeration: CWE-480.
Common Weakness Enumeration: CWE-561.