SA0275 : Track all rule suppression comments

Using suppression comments can obscure critical issues in SQL code, causing potential problems to go unnoticed.

Description

When working with T-SQL and SQL Server, suppression comments are used to bypass specific analysis checks. Left untracked, they can hide code inconsistencies or vulnerabilities that would otherwise be detected, which may critically impact database performance and security.

A suppression comment hiding a potential issue:

SQL
SELECT * FROM LargeTable; -- IGNORE:SA0011

Ignoring warnings with suppression comments can hide issues such as inefficient use of SELECT * queries, leading to unnecessary data retrieval and performance degradation. Use suppression comments judiciously and always with a documented justification. Unchecked suppressions risk:

  • Hiding inefficient queries or unoptimized indexes, which can slow down database operations.

  • Bypassing alerts for deprecated syntax or unsafe practices, posing risks during database version upgrades.

  • Ignoring warnings about implicit conversions or locking issues, which might cause runtime inefficiencies or failures.

How to fix

This section provides a method to address issues related to suppression comments in SQL code, ensuring that they do not obscure critical vulnerabilities or inefficiencies.

Follow these steps to address the issue:

  1. Validate the necessity of each suppression comment. Determine if it’s essential to the current code or if the underlying issue should be tackled instead. Remove any unnecessary suppressions, especially those applied too broadly or without justification.

  2. Document the reasoning behind valid suppressions by providing detailed explanations. Avoid using vague justifications such as “performance reasons” without specific supporting evidence.

  3. Address the root cause of the issues instead of suppressing warnings. Where possible, optimize query structures to improve performance or refactor code to eliminate unsafe practices or deprecated syntax.

  4. Implement standards by establishing and enforcing guidelines for the appropriate use of suppression comments to prevent misuse in future code.

For example:

SQL
-- Original query with suppression comment
-- SELECT * FROM LargeTable; -- IGNORE:SA0011

-- Optimized query without suppression comment
SELECT Column1, Column2 FROM LargeTable;

Scope

The rule has a Batch scope and is applied only on the SQL script.

Parameters

The rule has no parameters.

Remarks

The rule does not need Analysis Context or SQL Connection.

Effort To Fix

Not configured.

Categories

New Rules

Additional Information

There is no additional info for this rule.

Example Test SQL

SQL
1  SELECT 'Hello, DB1!' -- IGNORE: SA0001 (LINE) - for test
2
3
4  USE DB1 -- IGNORE: * (STATEMENT) - for another test
5
6
7  SELECT 'Bye, DB1!' /* ignore: * - for yet another test  */

Analysis Results

    Message                                                                                          Line  Column
 1  SA0275 : Issue suppression comment found. Rules: *, Scope: INLINE, Reason: for yet another test      7      19
 2  SA0275 : Issue suppression comment found. Rules: SA0001, Scope: LINE, Reason: for test               1      21
 3  SA0275 : Issue suppression comment found. Rules: *, Scope: STATEMENT, Reason: for another test       4       8
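As an added example (not SQL Enlight's own code), a small Python scanner that does what this rule tracks: it finds suppression comments in a script and reports rule list, scope, reason, line and column for the test SQL above. The comment grammar, the `SA####` rule-id form and the default INLINE scope are inferred from the examples on this page and are assumptions.

```python
import re
from dataclasses import dataclass

# Grammar inferred from this page's examples (an assumption, not the tool's spec):
#   IGNORE[:] <rules> [(LINE|STATEMENT|INLINE)] [- <reason>]
# where <rules> is '*' or a comma-separated list of ids such as SA0001.
SUPPRESSION_RE = re.compile(
    r"^\s*ignore\s*:?\s*(?P<rules>\*|SA\d{4}(?:\s*,\s*SA\d{4})*)"
    r"(?:\s*\((?P<scope>LINE|STATEMENT|INLINE)\))?"
    r"(?:\s*-\s*(?P<reason>.*?))?\s*$",
    re.IGNORECASE,
)
# Single-line comments only; '--' inside a string literal would be a false hit.
COMMENT_RE = re.compile(r"--(?P<line>.*)$|/\*(?P<block>.*?)\*/")

@dataclass(frozen=True)
class Suppression:
    line: int     # 1-based line number, as in the Analysis Results above
    column: int   # 0-based offset of the comment start, matching the page's Column values
    rules: str
    scope: str
    reason: str

def find_suppressions(script: str) -> list[Suppression]:
    """Report every suppression comment in a T-SQL script (what SA0275 tracks)."""
    found = []
    for lineno, text in enumerate(script.splitlines(), start=1):
        for m in COMMENT_RE.finditer(text):
            body = m.group("line") if m.group("line") is not None else m.group("block")
            parsed = SUPPRESSION_RE.match(body)
            if not parsed:
                continue  # an ordinary comment, not a suppression
            rules = re.sub(r"\s+", "", parsed.group("rules")).upper()
            # Assumption: no explicit scope means INLINE (the page reports the
            # scope-less block comment on line 7 as INLINE).
            scope = (parsed.group("scope") or "INLINE").upper()
            found.append(Suppression(lineno, m.start(), rules, scope,
                                     parsed.group("reason") or ""))
    return found

# Constructed input: the page's Example Test SQL (lines 2, 3, 5 and 6 are blank).
TEST_SQL = (
    "SELECT 'Hello, DB1!' -- IGNORE: SA0001 (LINE) - for test\n\n\n"
    "USE DB1 -- IGNORE: * (STATEMENT) - for another test \n\n\n"
    "SELECT 'Bye, DB1!' /* ignore: * - for yet another test  */\n"
)

if __name__ == "__main__":
    for s in find_suppressions(TEST_SQL):
        print(f"SA0275 : Rules: {s.rules}, Scope: {s.scope}, Reason: {s.reason} {s.line} {s.column}")
```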
See Also

Other Resources