codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
A constant-time algorithm should be used for checking the value of info. In other words, the comparison time should not depend on the content of the input. Otherwise, an attacker...
This is my first query for C/C++ I think, so there is likely some improvement possible.
**Version**
CodeQL extension version: 1.6.12
CodeQL CLI version: 2.10.4
Platform: win32 x64
Additional VS Code settings:
```
"codeQL.canary": true,
"codeQL.runningQueries.debug": true,
"codeQL.runningQueries.numberOfThreads": 4,
"codeQL.runningTests.numberOfThreads": 4,
```
**Description of the issue**...
### Description It appears the Index page of the CodeQL classes for a language seems to be incomplete, at least for Java. It does not include all CodeQL classes and...
CodeQL is throwing an error for multiple variable declarations on one line when there are not multiple declarations. ``` } *PortNum = ntohs(sa_port); return OS_SUCCESS; } /* end OS_SocketAddrGetPort_Impl */...
When we call `ZeroBound::getExpr` to get an expression that matches a given bound we eventually reach https://github.com/github/codeql/blob/8b8e74cc9a11f3cb5bedd0aed42ec26de179dc61/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/Bound.qll#L57 which will match _any_ instruction with a constant value of `0`. As @rdmarsh2...
For the following code snippet: ``` class A{ public virtual void someFunc(){} } class B : A{ public override void someFunc(){} } public A createB(){ return new B(); } main(){...
This is an experimental branch for disabling all flow summaries to check the effect it has on the produced alerts.
I'm trying to detect sanitizing/barrier guards in more complex control flow. In another BarrierGuard issue I opened (https://github.com/github/codeql/issues/10011), we established how to address complex dataflow into the barrier guard, but...
Java: `getNumberOfCommentLines` and `getNumberOfLinesOfCode` should only exist for supported classes
The predicates `getNumberOfCommentLines()` and `getNumberOfLinesOfCode()` are currently defined for `Top`, however they only seem to have results for the following CodeQL classes (list might be incomplete):
- `XMLFile`
- `CompilationUnit`...