Jeroen Ketema

Results 206 comments of Jeroen Ketema

I think the question is: do we want to introduce this query, or might it be better to find ways of extending the one we already have with more functions?...

> you're right. what do you think about:

Not very helpful, as I need to dig into the defined predicate to figure out what `bpos` and `spos` are. More helpful...

> > Were you planning to submit this for a security bounty?
>
> yes I plan

You'll need to submit this before we merge this.

> Do I need to do this for this PR only, or do I have to generate pre-merge requests for all PRs?

Preferably for all.

@ihsinme The formatting of the query file doesn't follow our guidelines, could you please reformat? Thanks.

@ihsinme I had totally forgotten about this, but basic performance tips can be found here: https://codeql.github.com/docs/writing-codeql-queries/troubleshooting-query-performance/

Correct. I don't think the "troubleshooting query performance" page would have helped a lot in this particular case, but trying the tips mentioned there is generally a good starting point.

Please ping security lab about this. Note that people may be on holiday, so response might be slow.

https://github.com/github/codeql/pull/9872 might have flipped this back to not being a regression. Might still be good to rewrite this to make it more stable in the long run. I haven't looked...

> I'm trying to understand why there is a discrepancy in finding function definitions. I'm guessing there is probably some dynamic loading going on

This is indeed most likely due...