codeql-go
The CodeQL extractor and libraries for Go.
Assumption: A is a struct with fields {birthday, name, id}. I got instanceA from unmarshaling input data. I want to do TaintTracking on the field "instanceA.birthday". How do I write the ql...
The CodeQL Go extractor and libraries are moving to a new home! ## Summary - Old location: The `github/codeql-go` repository - New location: The [`github/codeql`](https://github.com/github/codeql) repository, specifically https://github.com/github/codeql/tree/main/go. The `github/codeql-go`...
`strings.Replacer.Replace` and `strings.Replacer.WriteString`
Work in progress
## Changes Building on @tunnelshade's work in #611, add a few additional methods with similar signatures/issues. These are vulnerable sinks if the first parameter is tainted input. Some of these...
Hello, team! The idea of this PR is to improve default `SqlInjection.ql` query by adding `github.com/jackc/pgx` module and related. I basically reused existing `SqlInjection.ql` query, and created a custom `PgxSqlInjection.ql`...
/cc @owen-mc
This will make post-update nodes easy to implement. Queries / tests that required changes: * The CleartextLogging and MissingErrorCheck queries are updated because they assumed def-use flow * The CommandInjection...
Per @p0's request, I'm making this PR so that there's a record of the branch upon which Bazel work in other repositories depends.
The contents of this repository have been migrated to the `github/codeql` repository, specifically https://github.com/github/codeql/tree/main/go. See https://github.com/github/codeql-go/issues/741 for details. Remove the contents of this repo, keeping only licensing and repo docs,...