-
Content-Length: 190
{"jsonrpc":"2.0","method":"textDocument/publishDiagnostics","params":{"uri":"file:///D:/Private/security/codeQL/vscode-codeql-starter/codeql-custom-queries-cpp/qlpack.yml","diag…
-
We'll need to implement ReDoS and regex injection queries following up on https://github.com/Semmle/ql/pull/2743
-
2023/03/30 10:46:44 functions.py WARNING
2023/03/30 10:46:44 functions.py WARNING
2023/03/30 10:46:46 functions.py WARNING A fatal error occurred: Error reading /Users/xxxxx/tools/codeqldemo/ql/java…
-
Currently `instanceof` only supports a single type as right operand. This can make its usage quite verbose when multiple alternative type checks have to be performed. For example search in the CodeQL …
-
The Java predicate `ReflectiveMethodAccess::inferAccessedMethod()` only checks the name of the method but ignores the parameters:
https://github.com/github/codeql/blob/04a7ff7f762cd11d9cba0ab864cc6bb…
-
Copied from https://github.com/Semmle/ql/issues/2997, filed by @khanhbnv-0950:
> I try `codeql database analyze ql/javascript/ql/src/Security/ --format=csv -o test.csv`, but I get an error
> ```s…
-
**Bugs in generating AST for cpp**
For research purposes, I need CodeQL's ability to generate ASTs of specific functions in C/C++, which are further parsed and used.
Occasionally, I encoun…
-
When testing CodeQL on my project's C++ code, the build succeeded but the following analysis step failed. The error in the log has a lot of Java-related details that are perhaps too long to paste here…
-
**CFA(Control Flow Analysis)**
I used the following simple QL statement:
```
/**
* @name Control Flow Graph Visualization
* @description This query identifies control flow nodes within a functi…
-
`TaintTrackingUtil.qll` currently models that all `ObjectInputStream` read% methods preserve tainted data:
https://github.com/github/codeql/blob/cb527cae738e59d8b601c0f51302cd6247ff31ca/java/ql/src/…