Questions tagged [codeql]
62 questions
0
votes
1 answer
I can't run database analyse in CodeQL
I can't successfully launch a database analyse command.
I tried to launch it like this:
codeql database analyze test $HOME/codeql-home/codeql-repo/cpp/ql/examples/snippets/function_call.ql --format=csv --output=c_test.csv
I got this error:
is not…

aelk
- 1
- 1
0
votes
1 answer
How to check if a Java annotation has a specific property using CodeQL?
Let's say we have the following piece of code:
public class Demo {
@ABC(name = "abc")
private String field1;
@ABC
private String field2;
}
@interface ABC {
String name() default "";
}
How can I write a query that selects all…

Mansur
- 1,661
- 3
- 17
- 41
0
votes
1 answer
Does GitHub publish the CodeQL ruleset?
I'd like to cross-check the vulnerabilities covered by GitHub's CodeQL service and OWASP Top Ten Web Application Security Risks so that I know where the gaps are.
I can't find a list of vulnerabilities covered by CodeQL. Does GitHub publish the list…

Kye
- 5,919
- 10
- 49
- 84
0
votes
1 answer
CodeQL "otherwise"-ish construct?
I'm new to CodeQL, and still trying to wrap my head around it. On a semi-frequent basis, I find myself wanting for a language construct that supports specifying a "fallback value", to implement the following logic:
foot Foo(...) {
result = A
or
…

Christoph Lipka
- 652
- 4
- 15
0
votes
1 answer
How to add extra source code for libraries/dependencies to a CodeQL database?
I'm trying to track taint globally across a code repository I downloaded from LGTM (GNU coreutils) but CodeQL seems to also consider calls to libc 'tainted', whereas they do not actually introduce any taint. Consider the following example:
size_t…

Adriaan Jacobs
- 309
- 2
- 9
0
votes
1 answer
Choose database from folder Code QL on Visual Studio Code
I would like to use Code QL in Visual Studio Code to parse a Java project and I am selecting the source folder of my java project after clicking on the icon "choose database from folder". My project's folder looks like this:
I am receiving the…

Mouna Camelia Hammoudi
- 596
- 1
- 5
- 19
0
votes
1 answer
CodeQL does not work: "Fatal error compiling: invalid target release: 11"
I want to use the code scanning tool CodeQL. I follow the steps in the guide to enable code scanning using github actions. But I get the following error message from the pipeline:
[ERROR] Failed to execute goal…

flaxel
- 4,173
- 4
- 17
- 30
0
votes
1 answer
Way to implement CI test to check if function argument is valid?
Let's say I have a python function and dictionary as follows:
d = {"a": 1, "b": 2, "c": 3}
def foo(input):
    return d[input]
Is there a way when I push my code to GitHub (presumably with some sort of continuous integration) to check that all…

William Gearty
- 166
- 1
- 8
0
votes
1 answer
codeql CLI lgtm.yml: how to customize javascript extraction?
I can use an lgtm.yml file to customize the javascript extractor when building a database with LGTM.com, but how do I provide these customizations to the codeql CLI?
Specifically, I want to include a directory that the extractor excludes by default…

emarteca
- 51
- 4
0
votes
1 answer
Can GitHub's / Semmle's CodeQL Query Executor be Self-hosted
I'd like to enable users of my service to write and execute CodeQL queries. I don't want to offload their execution to GitHub's / Semmle's servers. It's unclear whether this is doable, or whether I'd run into licensing issues.
In the security lab,…

Harry Solovay
- 483
- 3
- 14
0
votes
1 answer
How is this recursive CodeQL predicate evaluated?
I'm in the process of trying to learn CodeQL and I'm a little confused about how certain CodeQL code is evaluated. I'm hoping someone can help me with a more simplistic explanation.
Take the following CodeQL code:
string getANeighbor(string…

wtfacoconut
- 334
- 1
- 8
-1
votes
1 answer
running precommit hooks with codeql/GHAS sast scans?
I'm just getting started with CodeQL and we have a requirement from our devs to run CodeQL sast scans as precommit hooks. I could not find any docs on how to set up CodeQL to make it run on my machine.
Additional context (to answer questions…

nnay84
- 167
- 1
- 12
-1
votes
1 answer
What is a good indicator of a request sent over a socket?
I am writing some codeql for web servers like apache and nginx. I have done some research and found that a good indicator of a request is ntohs or ntohl because the data that is sent over a socket needs to be converted from network byte order to…

lemonadeice
- 13
- 4
-2
votes
1 answer
Compiling single file from Chromium
I am trying to run codeql on Chromium among a few other open-source software, and I was wondering if it is possible to compile a single file from the full source code, because my machine takes a long time to compile such huge codebases.
For example,…

sadmansh
- 917
- 2
- 9
- 21
-2
votes
1 answer
How to pass GIT_COMMIT variable to the Jenkins Pipeline
I'm unable to find a way to pass the GIT_COMMIT variable to the jenkins pipeline.
There are two steps, first step checks out the repo and second step creates the codeql report. To publish the report I need the recent commit id from the repo and…

tarun
- 17
- 7