-
I just start learning Codeql, and I want to analyze Data flow and Control flow of a program. Now I learn **_getASuccessor_** and Global DataFlow analyze. And I have some questions:
1. Is there any …
icy17 updated
2 years ago
-
### Describe the bug
Does Spoon support to do static program slicing for inter-procedural program analysis.
I see there are many many tools out there. But none of them support (or work actually) t…
-
## Step 10: Putting it all together
Great! you made it to the final step :tada:
We have now identified
- (a) [places in the program](https://github.com/yuuki1967/codeql-javascript-unsafe-jquery-plug…
-
```
It would be nice if the checker could detect that 'test' being true implies 'o'
is non-null.
=== Test.java ===
import javax.annotation.Nullable;
abstract class Test {
abstract @Nullab…
-
```
If you call the method, Utilities.getMethodDeclaration(...) on an ASTNode
that is part of a field initializer, it returns null. This seems to make
sense, except that Crystal pretends like field …
-
This issue is mainly about global taint analysis implemented offcially by CodeQL C/C++.
libs I use :
```codeql
import semmle.code.cpp.dataflow.TaintTracking
import DataFlow::PathGraph
```
a…
-
As the [slither repo](https://github.com/crytic/slither) points to your paper, and your paper states :
> In order to obtain those features, one can use compilers such as Slither [16], a static anal…
-
I'm looking for general assistance on how to properly use codeql with barrier guards when the guard condition may not be computed in the guard itself, but instead also data traces into a guard:
Con…
-
### Precheck
* Take a look at the open issues and be sure that your issue is not already covered.
* Be sure your versions of Dialyxir and Erlex are up to date.
### Environment
* Elixir & Erl…
-
**Version Used**:
**Steps to Reproduce**:
```csharp
public class A
{
public C B { get; }
}
public class C
{
public void M(object x)
{
if (x is A { B: C c } a) { }…