CodeQL documentation
CodeQL resources

Potentially uninitialized local variable

ID: rb/uninitialized-local-variable
Kind: problem
Security severity: 
Severity: error
Precision: high
Tags:
   - quality
   - reliability
   - correctness
Query suites:
   - ruby-security-and-quality.qls

Click to see the query in the CodeQL repository

Overview

In Ruby, it is not necessary to explicitly initialize variables. If a local variable has not been explicitly initialized, it will have the value nil. If this happens unintentionally, though, the variable will not represent an object with the expected methods, and a method call on the variable will raise a NoMethodError.

Recommendation

Ensure that the variable cannot be nil at the point highlighted by the alert. This can be achieved by using a safe navigation or adding a check for nil.

Note: You do not need to explicitly initialize the variable, if you can make the program deal with the possible nil value. In particular, initializing the variable to nil will have no effect, as this is already the value of the variable. If nil is the only possible default value, you need to handle the nil value instead of initializing the variable.

Example

Incorrect Usage

In the following code, the call to create_file may fail and then the call f.close will raise a NoMethodError since f will be nil at that point.

def dump(x)
  f = create_file
  f.puts(x)
ensure
  f.close
end

Correct Usage

We can fix this by using safe navigation:

def dump(x)
  f = create_file
  f.puts(x)
ensure
  f&.close
end

References

  • © GitHub, Inc.
  • Terms
  • Privacy