Questions tagged [codeql]

62 questions
0 votes, 1 answer
I can't run database analyse in CodeQL

I can't successfully launch a database analyse command. I tried to launch it like this: codeql database analyze test $HOME/codeql-home/codeql-repo/cpp/ql/examples/snippets/function_call.ql --format=csv --output=c_test.csv I got this error: is not…
aelk
0 votes, 1 answer
How to check if a Java annotation has a specific property using CodeQL?

Let's say we have the following piece of code: public class Demo { @ABC(name = "abc") private String field1; @ABC private String field2; } @interface ABC { String name() default ""; } How can I write a query that selects all…
Mansur
0 votes, 1 answer
Does GitHub publish the CodeQL ruleset?

I'd like to cross-check the vulnerabilities covered by GitHub's CodeQL service and OWASP Top Ten Web Application Security Risks so that I know where the gaps are. I can't find a list of vulnerabilities covered by CodeQL. Does GitHub publish the list…
Kye
0 votes, 1 answer
CodeQL "otherwise"-ish construct?

I'm new to CodeQL, and still trying to wrap my head around it. On a semi-frequent basis, I find myself wanting for a language construct that supports specifying a "fallback value", to implement the following logic: foot Foo(...) { result = A or …
Christoph Lipka
0 votes, 1 answer
How to add extra source code for libraries/dependencies to a CodeQL database?

I'm trying to track taint globally across a code repository I downloaded from LGTM (GNU coreutils) but CodeQL seems to also consider calls to libc 'tainted', whereas they do not actually introduce any taint. Consider the following example: size_t…
Adriaan Jacobs
0 votes, 1 answer
Choose database from folder Code QL on Visual Studio Code

I would like to use Code QL in Visual Studio Code to parse a Java project and I am selecting the source folder of my java project after clicking on the icon "choose database from folder". My project's folder looks like this: I am receiving the…
0 votes, 1 answer
CodeQL does not work: "Fatal error compiling: invalid target release: 11"

I want to use the code scanning tool CodeQL. I follow the steps in the guide to enable code scanning using github actions. But I get the following error message from the pipeline: [ERROR] Failed to execute goal…
flaxel
0 votes, 1 answer
Way to implement CI test to check if function argument is valid?

Let's say I have a python function and dictionary as follows: d = {"a": 1, "b": 2, "c": 3} def foo(input): return d[input] Is there a way when I push my code to GitHub (presumably with some sort of continuous integration) to check that all…
William Gearty
0 votes, 1 answer
codeql CLI lgtm.yml: how to customize javascript extraction?

I can use an lgtm.yml file to customize the javascript extractor when building a database with LGTM.com, but how do I provide these customizations to the codeql CLI? Specifically, I want to include a directory that the extractor excludes by default…
emarteca
0 votes, 1 answer
Can GitHub's / Semmle's CodeQL Query Executor be Self-hosted

I'd like to enable users of my service to write and execute CodeQL queries. I don't want to offload their execution to GitHub's / Semmle's servers. It's unclear whether this is doable, or whether I'd run into licensing issues. In the security lab,…
Harry Solovay
0 votes, 1 answer
How is this recursive CodeQL predicate evaluated?

I'm in the process of trying to learn CodeQL and I'm a little confused about how certain CodeQL code is evaluated. I'm hoping someone can help me with a more simplistic explanation. Take the following CodeQL code: string getANeighbor(string…
wtfacoconut
-1 votes, 1 answer
running precommit hooks with codeql/GHAS sast scans?

I'm just getting started with CodeQL and we have a requirement from our devs to run CodeQL SAST scans as precommit hooks. I could not find any docs on how to set up CodeQL to make it run on my machine. Additional context (to answer questions…
nnay84
-1 votes, 1 answer
What is a good indicator of a request sent over a socket?

I am writing some codeql for web servers like apache and nginx. I have done some research and found that a good indicator of a request is ntohs or ntohl because the data that is sent over a socket needs to be converted from network byte order to…
-2 votes, 1 answer
Compiling single file from Chromium

I am trying to run codeql on Chromium among a few other open-source software, and I was wondering if it is possible to compile a single file from the full source code, because my machine takes a long time to compile such huge codebases. For example,…
sadmansh
-2 votes, 1 answer
How to pass GIT_COMMIT variable to the Jenkins Pipeline

I'm unable to find a way to pass the GIT_COMMIT variable to the jenkins pipeline. There are two steps, first step checks out the repo and second step creates the codeql report. To publish the report I need the recent commit id from the repo and…
tarun