Open ljs9904ljs opened 1 year ago
Hi @ljs9904ljs 👋🏻
Thanks for your question. The C source file in that directory appears to be an outdated example file and, as you suspect, you're likely not getting any results due to the build errors.
We have a working integration test based on similar code in https://github.com/github/codeql/blob/8a314dd2cf12adbb4c0061cee189f56ac6e4ed13/cpp/ql/test/query-tests/Security/CWE/CWE-022/semmle/tests/
You can verify that this works as expected with codeql test run cpp/ql/test/query-tests/Security/CWE/CWE-022/semmle/tests. The test should pass, meaning that the output matches that found in the TaintedPath.expected file.
Thank you!
Description of the issue
<< codeql version >>
CodeQL command-line toolchain release 2.14.6.
<< codeql command test context >>
(a-1) Cloning codeql 'main' branch
git clone https://github.com/github/codeql.git codeql-main-clone
(a-2) Use reference c file in the CWE-022 directory
/home/junseok/workdir/codeql is my directory path.
/home/junseok/workdir/codeql/codeql-main-clone/cpp/ql/src/Security/CWE/CWE-022
CWE-022 directory contains... TaintedPath.c TaintedPath.qhelp TaintedPath.ql
(a-3) Add makefile to the CWE-022 directory for database creation
<< makefile >>
(b-1) database creation
(b-2) Print build.log (database creation log file)
(c) database analysis
(d) output of database analysis
cat cpp-ql-cwe-22-output command shows empty results.
<< Questions >>
Why can't the ql file for CWE-022 detect vulnerabilities in the C file for CWE-022? Is it not detected due to errors that exist during the build process?
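
Since the thread attributes the empty results to a source file that does not build, here is a self-contained C file that compiles without errors and contains the argv-to-fopen flow that CWE-022 path checks target, next to a validated variant. It is an added example, not the repository's TaintedPath.c and not code from either poster; BASE_DIR and all function names are assumptions.

```c
/* Added example (not from the CodeQL repository): minimal CWE-022 test case. */
#include <stdio.h>
#include <string.h>

#define BASE_DIR "/home/"   /* assumed base directory for this example */

/* Join BASE_DIR and name into out. Returns 0 on success, -1 if it does not fit. */
int build_path(char *out, size_t out_len, const char *name) {
    int n = snprintf(out, out_len, "%s%s", BASE_DIR, name);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

/* Accept one path component only: non-empty, no separators, not "." or "..". */
int is_plain_filename(const char *name) {
    if (name == NULL || name[0] == '\0') return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0) return 0;
    return strchr(name, '/') == NULL && strchr(name, '\\') == NULL;
}

/* BAD: a user-controlled name reaches fopen() without any check. */
FILE *open_unchecked(const char *name) {
    char path[FILENAME_MAX];
    if (build_path(path, sizeof path, name) != 0) return NULL;
    return fopen(path, "rb");
}

/* GOOD: the name is validated before it is used to build the path. */
FILE *open_checked(const char *name) {
    char path[FILENAME_MAX];
    if (!is_plain_filename(name)) return NULL;
    if (build_path(path, sizeof path, name) != 0) return NULL;
    return fopen(path, "rb");
}

int main(int argc, char **argv) {
    if (argc < 2) return 1;
    FILE *a = open_unchecked(argv[1]);  /* tainted flow: argv -> fopen */
    FILE *b = open_checked(argv[1]);    /* same input, validated first */
    if (a) fclose(a);
    if (b) fclose(b);
    return 0;
}
```

Before analysing a database built from a file like this, confirm that the build log shows the file compiling cleanly, since an extraction with compile errors can leave the query nothing to report.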