Closed billquan closed 1 year ago
Hi @billquan. Those examples are mainly for including the in query help (such as https://codeql.github.com/codeql-query-help/python/py-path-injection/) so sometimes proper imports have not been included.
We have dedicated tests for all our queries. For example, you can find the tests for the path injection query here: https://github.com/github/codeql/tree/main/python/ql/test/query-tests/Security/CWE-022-PathInjection
It's certainly better if the examples are written in a way where they are not only helpful for humans, but also the queries are able to highlight the problems. I'll take a look at these in particular, to improve the matter -- but in general I would recommend you use the test folders for testing out the queries :wink:
Closing this question now. Feel free to reopen if you have more questions on this topic.
Hi @RasmusWL. It seems the default python query suite does not give any results on the tests either. I followed the same steps.
Do you have any idea what is wrong, or how can I debug to find out what's wrong? Thank you!
Hi @billquan, it's simply because the log injection query is not part of the default query suite.
You can check this by running the following two commands and seeing that only the second has a result.
$ codeql resolve queries python/ql/src/codeql-suites/python-code-scanning.qls 2>/dev/null | grep -i loginjection
$ codeql resolve queries python/ql/src/codeql-suites/python-security-extended.qls 2>/dev/null | grep -i loginjection
If you want to run a specific query against a database, you can always use codeql database analyze <database> <query>.
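The suite-membership check described above, as an added example that is not part of this thread or of the github/codeql project. It assumes `codeql resolve queries <suite>` prints one .ql path per line (the format the grep above relies on); the two path lists below are constructed stand-ins for that output, so the script runs without the CodeQL CLI installed, and the real invocation is shown in a comment.

```shell
#!/bin/sh
# Added example: check whether a query is part of a suite before blaming an
# empty analysis result on the query or the database.

# Constructed sample standing in for:
#   codeql resolve queries python/ql/src/codeql-suites/python-code-scanning.qls
CODE_SCANNING_RESOLVED='/home/user/codeql/python/ql/src/Security/CWE-022/PathInjection.ql
/home/user/codeql/python/ql/src/Security/CWE-078/CommandInjection.ql
/home/user/codeql/python/ql/src/Security/CWE-089/SqlInjection.ql'

# Constructed sample standing in for:
#   codeql resolve queries python/ql/src/codeql-suites/python-security-extended.qls
SECURITY_EXTENDED_RESOLVED="$CODE_SCANNING_RESOLVED
/home/user/codeql/python/ql/src/Security/CWE-117/LogInjection.ql
/home/user/codeql/python/ql/src/Security/CWE-215/FlaskDebug.ql"

# query_in_list LIST NAME
# Exit 0 if LIST (resolved query paths, one per line) contains a query whose
# file name matches NAME case-insensitively, exactly like the `grep -i` check
# in the thread but anchored to the .ql file name rather than the whole path.
query_in_list() {
    printf '%s\n' "$1" | grep -qi "/[^/]*$2[^/]*\.ql\$"
}

# analyze_command DB QUERY
# Print the command that runs a single query against a database, so a query
# missing from the default suite can still be exercised. --format and --output
# are the CLI's standard result options.
analyze_command() {
    printf 'codeql database analyze %s %s --format=sarif-latest --output=results.sarif\n' "$1" "$2"
}

# Real-world usage (needs the codeql CLI on PATH and a checkout of github/codeql):
#   resolved=$(codeql resolve queries python/ql/src/codeql-suites/python-security-extended.qls 2>/dev/null)
#   query_in_list "$resolved" loginjection && echo "LogInjection is in the suite"

for name in pathinjection loginjection; do
    if query_in_list "$CODE_SCANNING_RESOLVED" "$name"; then
        echo "$name: in python-code-scanning.qls"
    elif query_in_list "$SECURITY_EXTENDED_RESOLVED" "$name"; then
        echo "$name: only in python-security-extended.qls; run it directly with:"
        echo "  $(analyze_command my-python-db python/ql/src/Security/CWE-117/LogInjection.ql)"
    else
        echo "$name: not in either suite"
    fi
done
```

Run against a real checkout, replace the two constructed lists with the output of the `codeql resolve queries` commands from the thread; an empty result file then has an obvious first explanation whenever the second branch fires.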
Hi,
I'm trying to use the CodeQL CLI for vulnerability detection for Python programs. I tried out the default query suite codeql\python-queries\0.6.2 on the example cases of CWE-22 (https://github.com/github/codeql/tree/codeql-cli/latest/python/ql/src/Security/CWE-022/examples), but it produced an empty output file.
I'm using the following commands:
Is there any problem?