codeql-cli-binaries
No result of the query
Hello, my name is Sofya. I was trying to run an example from this link in Visual Studio Code: https://codeql.github.com/docs/codeql-language-guides/analyzing-data-flow-in-javascript-and-typescript/#analyzing-data-flow-in-javascript-and-typescript

I created a database of a Node.js library manually and added it to Visual Studio Code, and it is activated. My query looks like this:
```ql
/**
 * @kind path-problem
 */

import javascript
import DataFlow::PathGraph

class CommandLineFileNameConfiguration extends TaintTracking::Configuration {
  CommandLineFileNameConfiguration() { this = "CommandLineFileNameConfiguration" }

  // Source: any element read from process.argv
  override predicate isSource(DataFlow::Node source) {
    DataFlow::globalVarRef("process").getAPropertyRead("argv").getAPropertyRead() = source
  }

  // Sink: the first argument (the path) of a call to fs.readFile
  override predicate isSink(DataFlow::Node sink) {
    DataFlow::moduleMember("fs", "readFile").getACall().getArgument(0) = sink
  }
}

from CommandLineFileNameConfiguration cfg, DataFlow::Node source, DataFlow::Node sink
where cfg.hasFlow(source, sink)
select sink, source, sink, ""
```
Unfortunately, this query is not giving any results (no errors occurred). Can you help me with it, please? Maybe the problem is in the database?
Thank you for your question.
If your query isn't producing any output, you may want to try debugging it. I would first check that your isSource and isSink predicates actually capture the data-flow nodes you are interested in. If you're using the VSCode CodeQL extension, then the "quick-eval" feature is very useful for this sort of thing.
Also, I note that your select clause has the empty string as the message:
select sink, source, sink, ""
You may want to change that to something a bit more descriptive.
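
The check suggested in the reply, written out as an added example that is not part of the original thread: a stand-alone query that lists every node matched by the two predicates from the question, so sources and sinks can be inspected separately from the flow between them. The top-level predicate names `isCommandLineSource` and `isReadFileSink` and the `kind` column are choices made for this example.

```ql
import javascript

/** Same condition as `isSource` in the question: an element read from `process.argv`. */
predicate isCommandLineSource(DataFlow::Node source) {
  DataFlow::globalVarRef("process").getAPropertyRead("argv").getAPropertyRead() = source
}

/** Same condition as `isSink` in the question: the first argument of a call to `fs.readFile`. */
predicate isReadFileSink(DataFlow::Node sink) {
  DataFlow::moduleMember("fs", "readFile").getACall().getArgument(0) = sink
}

// One row per matched node, labelled with the predicate that matched it.
from DataFlow::Node node, string kind
where
  (isCommandLineSource(node) and kind = "source")
  or
  (isReadFileSink(node) and kind = "sink")
select node, kind
```

If this returns no rows labelled "source" or none labelled "sink" for the database, the configuration in the question cannot report any flow, whatever the code between them looks like.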