Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Generating --dot format report output dot file with wrong syntax #18032

Open
Wowhere opened this issue Nov 19, 2024 · 3 comments
Open

Generating --dot format report output dot file with wrong syntax #18032

Wowhere opened this issue Nov 19, 2024 · 3 comments
Labels
question Further information is requested

Comments

@Wowhere
Copy link

Wowhere commented Nov 19, 2024

My commands:

codeql database analyze test C:\sast\codeql-main\csharp\ql\test\shared\PrintAst.ql --format=dot --output=result1.dot

Than i trying to print it with graphviz:

dot -Tps result1.dot\cs\print-ast.dot -o out1.eps
Error: result1.dot\cs\print-ast.dot: syntax error in line 59944 near '{'

Line:

59944[label="[StringLiteralUtf16] \"for quickly exploring the API; rather than querying for \\"{ edges { node } }\\" when no edge data \""; ];

How to get rid with curly braces placements from cli command?

@Wowhere Wowhere added the question Further information is requested label Nov 19, 2024
@aibaars
Copy link
Contributor

aibaars commented Nov 19, 2024

That appears to be a design flaw of the dot language. The { is part of a quoted string and should not be interpreted by dot. The documentation says that " should be escaped as \" and no other characters can be escaped. It's not really clear how it handles \\" though.

In quoted strings in DOT, the only escaped character is double-quote ". That is, in quoted strings, the dyad " is converted to "; all other characters are left unchanged. In particular, \\ remains \\. Layout engines may apply additional escape sequences.
https://graphviz.org/doc/info/lang.html

Note that the curly braces come from the analyzed source code. I guess you are analyzing the following code:

https://github.com/graphql-dotnet/graphql-dotnet/blob/a45f9bc34bb3a13e1933568d38ff75027ecfe155/src/GraphQL/Types/Relay/ConnectionType.cs#L41

@Wowhere
Copy link
Author

Wowhere commented Nov 20, 2024

After little research i understood that curly braces dont affect error, only double slashes "\\".
I dont understand how i supposed to work with corrupted dot output from CodeQL. I must use another library for visualising dot? Maybe it is a bug of CodeQL?

@aibaars
Copy link
Contributor

aibaars commented Nov 20, 2024

Looking at the actual implementation of dot it appears that \\" gets interpreted as \\ and an unescaped ".

https://gitlab.com/graphviz/graphviz/-/blob/main/lib/cgraph/scan.l#L131-137

That does not really match with the way I would understand the documentation, and it appears that the dot developers weren't really sure about it either. They have been going back and forth with the implementation. I guess they are just as confused as I am ;-) I particularly like the message of the last commit

Remove change made in d19b672a until we can remember why this change was made.

History of string literal parsing:

We'll change CodeQL to produce output in dot format that can be interpreted by the current version of graphviz.

Thanks for reporting. As a workaround you can edit the generated dot file and replace \\" with \\\" .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants