0 votes
0 answers
40 views

Recently I have been using CodeQL and have been trying to read through the documentation to find what methods I should use. I do not know if I am looking in the wrong place or if their documentation is bad ...
asked by Erica (rep 23)
1 vote
1 answer
69 views

My goal is to run multiple CodeQL query packs and suites (like security-extended and audit) in one GitHub Action workflow, and ideally merge the results into one SARIF file for upload to GitHub Code ...
asked by David Ng
0 votes
1 answer
54 views

I am using the following Java code: package com.example; public class TestClass { public String s = "test"; public void directCall() { s = "test2"; ...
asked by Gaurav (rep 796)
0 votes
0 answers
58 views

I was getting "Missing CSRF Vulnerability" in CodeQL; to fix that I implemented it. I am using both session-based and auth-based (JWT). STEP 1 - Installed Lusca and Enabled Sessions (CSRF needs them) - npm ...
asked by user0999
0 votes
1 answer
213 views

I have been trying to set up the following query in a Linux environment. /** * @name SpectreV1 * @description Finds potential spectre v1 gadgets * @kind path-problem * @problem.severity warning * @...
asked by LambTheBamb
1 vote
0 answers
112 views

I am looking at a Microservices Gradle project which has been flagged by a CodeQL scan with the alert: "'TrustManager' that accepts all certificates". When I looked into the alert, the class ...
asked by alchn (rep 457)
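What that alert is matching, shown as an added example that is neither the asker's code nor the standard `java/insecure-trustmanager` query (which does the same job more thoroughly): a source class implementing javax.net.ssl.X509TrustManager whose checkServerTrusted or checkClientTrusted can never reject a certificate, because the method neither throws nor calls anything declared to throw java.security.cert.CertificateException. Such a class turns every TLS connection it guards into an unauthenticated one, since any certificate, including an attacker's, is accepted. The query ID and the "never throws" heuristic are this page's assumptions.

```ql
/**
 * @name TrustManager implementation that never rejects a certificate
 * @description Finds X509TrustManager implementations whose check methods
 *              cannot fail, i.e. they accept every certificate chain.
 * @kind problem
 * @problem.severity error
 * @id example/java/trust-all-trustmanager
 */

import java

/** A class in the analysed source that implements javax.net.ssl.X509TrustManager. */
class X509TrustManagerImpl extends Class {
  X509TrustManagerImpl() {
    this.fromSource() and
    this.getASupertype+().hasQualifiedName("javax.net.ssl", "X509TrustManager")
  }
}

/**
 * Holds if `m` can reject a chain: it contains a throw statement, or calls a
 * method declared to throw CertificateException (e.g. delegating to the
 * platform default trust manager).
 * Heuristic chosen for this example; the built-in query is more precise.
 */
predicate mayReject(Method m) {
  exists(ThrowStmt t | t.getEnclosingCallable() = m)
  or
  exists(MethodCall c |
    c.getEnclosingCallable() = m and
    c.getMethod()
        .getAThrownExceptionType()
        .getASupertype*()
        .hasQualifiedName("java.security.cert", "CertificateException")
  )
}

from X509TrustManagerImpl tm, Method check
where
  check.getDeclaringType() = tm and
  check.hasName(["checkServerTrusted", "checkClientTrusted"]) and
  not mayReject(check)
select check,
  "This $@ accepts every certificate: " + check.getName() +
    " never throws CertificateException.", tm, "TrustManager"
```

Anonymous classes (`new X509TrustManager() { ... }`) are `Class` instances too, so they are covered. A trust manager that only delegates to the platform default obtained from TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()) passes this check because the delegated call is declared to throw CertificateException; if a flagged class is an empty-bodied implementation left over from local testing, the remediation is to delete it rather than dismiss the alert. `MethodCall` is the class name in current CodeQL releases; older CLI bundles call it `MethodAccess`.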
1 vote
0 answers
54 views

Is it possible to search for UAF by tracking clones of arguments from the "free" function? For example, in this code: /** * @name Use after free * @kind path-problem * @id cpp/use-after-...
asked by Jija Biba
0 votes
0 answers
17 views

I want to write a CodeQL query in which the sourceNode is a parameter of a class and the sink is any object it affects (for my personal use case I want to get all instances where the value eventually ...
asked by Edward Carlson
0 votes
1 answer
500 views

I have a GitHub Advanced Security environment running in my GitHub enterprise account. When it uses either the default configuration, or the advanced configuration that I've built, it works. ...
asked by dorkasaurusrex
0 votes
0 answers
81 views

Using CodeQL CLI, when I decode the results of the query below to get initialized values, the output for longer strings is truncated (for instance, instead of Hello World in full, it appears as Hel .. ...
asked by ReyCerdy
0 votes
1 answer
599 views

I am running CodeQL inside a private organization with advanced security enabled. It is working well for default queries. The queries security-extended and security-and-quality are executed, results ...
asked by Matthias (rep 1,374)
0 votes
1 answer
110 views

We recently started to use VerifyTests/Verify on MSTest .NET 8 projects. One of my colleagues has an error on local build: CS0119 'TestContext' is a type, which is not valid in the given context ...
asked by Michael Freidgeim
0 votes
1 answer
306 views

Qt has a distinct way of importing JavaScript resources from other JavaScript resources, where the syntax is: .import "filename.js" as Qualifier More about this syntax is found here. The ...
asked by gulgummiand
0 votes
1 answer
114 views

I'm using filter-sarif in my codeql yml file to ignore certain paths. This setup works perfectly in a feature branch where I initially added the ignore paths. However, after merging the changes into ...
asked by Raghav Goyal
0 votes
0 answers
294 views

I have an Azure DevOps build pipeline. In that pipeline I am trying to build a Swift codebase and scan it with CodeQL. I am using indirect tracing to separate the CodeQL and build steps into separate ...
asked by Ben (rep 2,787)
1 vote
1 answer
532 views

I'm writing functions for a Python package to register files from a file system to an SQL database, and GitHub's CodeQL has flagged that the file paths are a potential security risk. I have ...
asked by TheEponymousProgrammer
1 vote
1 answer
158 views

Given the example code below: #include <stdio.h> #include <stdlib.h> typedef struct { int name; } type4; typedef struct { int name; type4 *p4; } type3; typedef struct { ...
asked by pitboy1o1
0 votes
1 answer
360 views

I am trying to learn the CodeQL analysis tool and running into some issues while running the query. I am able to successfully create the database upon running the command: codeql database create But ...
asked by user1462617
2 votes
1 answer
58 views

I have a variable that is set as a global variable in the package (not inside a function): var myArr []byte = make([]byte, 0) I wanted to find all the places where a variable is initialized with make(...
asked by E235 (rep 13.9k)
0 votes
1 answer
106 views

My company's development project uses yml files as configuration files. How can I use codeql to detect whether these yml files contain sensitive information such as plain text passwords? When I ...
asked by expl0it (rep 21)
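One caveat comes before any query: CodeQL can only query YAML that an extractor put into the database. The JavaScript/TypeScript extractor extracts .yml/.yaml files into the `YamlNode` classes of the JavaScript library; a database built for Java or Go alone contains no YAML at all, and files excluded by a `paths-ignore` filter are missing too. Against a JavaScript database, the query below flags mapping entries whose key looks credential-like and whose value is a literal rather than a placeholder. It is an added example for this page, not the asker's code or a CodeQL standard query; the key-name pattern, the placeholder forms and the minimum length are assumptions about how the configuration files are written and should be tuned to the project.

```ql
/**
 * @name Hard-coded credential in YAML configuration
 * @description Flags YAML mapping entries whose key looks like a credential
 *              and whose value is a literal rather than a reference.
 * @kind problem
 * @problem.severity warning
 * @id example/yaml-hardcoded-credential
 */

import javascript

/** Keys that commonly carry secrets (assumption: extend to the project's naming). */
predicate isSecretKey(string key) {
  key.toLowerCase()
      .regexpMatch(".*(password|passwd|pwd|secret|token|api[_-]?key|private[_-]?key).*")
}

/**
 * Values that reference a secret instead of containing one
 * (assumption: ${VAR}, $VAR, vault-style URIs, obvious dummies).
 */
predicate isPlaceholder(string value) {
  value = "" or
  value.regexpMatch("\\$\\{.*\\}") or
  value.regexpMatch("\\$[A-Za-z_][A-Za-z0-9_]*") or
  value.regexpMatch("(?i)(vault|secretsmanager|ssm)://.*") or
  value.regexpMatch("(?i)(changeme|redacted|<.*>|x{3,}|\\*+)")
}

from YamlMapping m, YamlScalar key, YamlScalar value
where
  m.maps(key, value) and
  isSecretKey(key.getValue()) and
  not isPlaceholder(value.getValue()) and
  // skip booleans and other short non-secrets (assumption)
  value.getValue().length() >= 8
select value,
  "Possible plain-text credential under key '" + key.getValue() + "' in " +
    m.getFile().getBaseName() + "."
```

`regexpMatch` requires a full-string match, which is why the key pattern is wrapped in `.*`. Quoted and unquoted scalars both appear as `YamlScalar`, so `password: "hunter22"` and `password: hunter22` are treated alike. Nested structures (for example a `database:` block with its own `password:` entry) are found because every mapping at any depth is a `YamlMapping`.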
1 vote
3 answers
2k views

I want to run custom codeql queries for Advanced Security in Azure DevOps (this is a feature that is now available in Azure DevOps not only GitHub). The built in default queries like security-and-...
asked by Patrik Lindström
1 vote
1 answer
653 views

I'm working on a function that returns a HTTP response from https://pypi.org/simple/ when Python's pip installer requests it for a package. When pushing my code onto GitHub, the CodeQL checks warn of ...
asked by TheEponymousProgrammer
0 votes
1 answer
61 views

I am capturing stdout and stderr of running a process into a file in Windows: .\run-process > debug-log.txt 2>&1 But the problem is this combines stdout and stderr into a single file ...
asked by Node.JS (rep 1,724)
0 votes
0 answers
41 views

I have a really simple regex (/<[^>]*?>/g) which strips tags and leaves text. I know it isn't perfect, and I know that I should be using a DOM parser for such a test, but please humour me :-) ...
asked by Allan Jardine
0 votes
2 answers
256 views

I am new to GitHub Advanced Security. I have created a GitHub repo and enabled CodeQL scanning, and used queries: security-extended,security-and-quality in the codeql.yml file. Still, if I add a comment in ...
asked by EnigmaticJohn
1 vote
0 answers
730 views

I am working on creating a query using codeql so that I can detect CWE vulnerabilities in Java code. My query executes just fine using the VS Code CodeQL extension, so I know that logically it works ...
asked by Kyler (rep 43)
1 vote
1 answer
961 views

I have a CodeQL CLI bundle (v2.13.5) stored on an on-prem Artifactory repository. I want to fetch this, store it using the tool-cache action and then run the CodeQL action on GitHub Actions. I have ...
asked by Ben (rep 2,787)
0 votes
0 answers
269 views

Working through some code alerts and came across this note from CodeQL: "Missing Override annotation", along with the following description: This method overrides abstractEntity.canEqual; it is advisable ...
asked by mttcrdr
1 vote
1 answer
758 views

Suppose you wanted to run CodeQL analysis across a large set of repos that contain Java code. Some repos have mvn/ant/gradle set up properly to build their code. CodeQL results look solid and it works ...
asked by Dan Bradbury (rep 2,135)
-1 votes
2 answers
1k views

I have a yaml pipeline to do code scanning and dependency scanning with Github Advanced Security for Azure devops: pool: vmImage: ubuntu-latest steps: - task: AdvancedSecurity-Codeql-Init@1 ...
asked by Enrico (rep 3,645)
0 votes
1 answer
93 views

In my code I get the above warning. Here is the part of the code where I get it, @Data @Builder public class Employee { private String email; @Data @Builder public static class Department{ ...
asked by Chandra Bhushan Kumar
0 votes
1 answer
585 views

On CodeQL analysis, I faced the below issue with Dataset codeql_databases/go/db-go has been finalized and does not support further TRAP import. The github/codeql-action/init is used for the creation ...
asked by NoName (rep 21)
0 votes
0 answers
55 views

How can I get all different paths to specific method? import csharp import DataFlow::PathGraph class TaintTrackingConfiguration extends TaintTracking::Configuration { TaintTrackingConfiguration() {...
asked by ravid (rep 39)
1 vote
0 answers
141 views

I'm trying to execute a simple CodeQL query without any success. The following query should just list calls to GetSanitizedName method. Small example to reproduce the error(s): set -x TEST_DIR="/...
asked by ravid (rep 39)
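A path-problem version of what the two posts above are reaching for, written against the current `DataFlow::ConfigSig` API (the `TaintTracking::Configuration` class form quoted in the first excerpt is deprecated). This is an added example, not the asker's code: the sink is every argument of any call to a method named GetSanitizedName, and the sources are framework-recognised remote input plus the parameters of public methods in the analysed source, which is an assumption about where the "paths" should start. With `@kind path-problem` and `Flow::PathGraph`, each source/sink pair becomes one result carrying its full path, which is what makes the result set show every distinct route rather than just the endpoints. The query ID is made up for this page.

```ql
/**
 * @name All taint paths into GetSanitizedName
 * @description Shows every taint path from a remote source or a public method
 *              parameter to an argument of a method named GetSanitizedName.
 * @kind path-problem
 * @problem.severity warning
 * @id example/cs/paths-to-getsanitizedname
 */

import csharp
import semmle.code.csharp.security.dataflow.flowsources.Remote

module PathsConfig implements DataFlow::ConfigSig {
  /**
   * Starting points: remote input recognised by the library, or any parameter
   * of a public method in the analysed source (assumption for this example).
   */
  predicate isSource(DataFlow::Node source) {
    source instanceof RemoteFlowSource
    or
    exists(Parameter p |
      p = source.asParameter() and
      p.getCallable().(Method).isPublic() and
      p.getCallable().fromSource()
    )
  }

  /** End points: each argument of any call to a method named GetSanitizedName. */
  predicate isSink(DataFlow::Node sink) {
    exists(MethodCall mc |
      mc.getTarget().hasName("GetSanitizedName") and
      sink.asExpr() = mc.getAnArgument()
    )
  }
}

module PathsFlow = TaintTracking::Global<PathsConfig>;

import PathsFlow::PathGraph

from PathsFlow::PathNode source, PathsFlow::PathNode sink
where PathsFlow::flowPath(source, sink)
select sink.getNode(), source, sink,
  "Argument of GetSanitizedName depends on $@.", source.getNode(), "this source"
```

Use `DataFlow::Global<PathsConfig>` instead of `TaintTracking::Global` when only value-preserving flow should count (string concatenation, for instance, is a taint step but not a data-flow step). The plain listing the second post asks for needs no data flow at all: `from MethodCall mc where mc.getTarget().hasName("GetSanitizedName") select mc` is enough, and running it first is a quick way to confirm the database actually contains the calls before debugging a path query that returns nothing.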
1 vote
1 answer
2k views

I have a repository that has a Java codebase that is built using Gradle. In the Azure DevOps pipeline for this application I am first running the following command to setup the CodeQL build tracing: ...
asked by Ben (rep 2,787)
1 vote
1 answer
787 views

I have this error, I read that it can be configured to scan php code, but it fails. What am I doing wrong? Languages from configuration: php Error: Did not recognize the following languages: php name: ...
asked by Luciano Nahuel Gimenez Ausfet
0 votes
1 answer
343 views

I'm trying to piece together some scripts to add CodeQL scanning to an existing build pipeline on Azure DevOps. For compiled languages such as .NET, a pre-compile command is required to create a CodeQL ...
asked by Ben (rep 2,787)
  • 2,787
1 vote
2 answers
2k views

Does anyone have any experience with «GitHub Advanced Security for Azure DevOps»? https://learn.microsoft.com/en-us/azure/devops/repos/security/configure-github-advanced-security-features?view=azure-devops&...
asked by erradi mourad
0 votes
1 answer
4k views

I'm trying to scan java code with codeql. In my repo I have some class files: src/com/org/proj/Main.java src/com/org/proj/Task.java It's very simple and was built by Eclipse and I only exported the ...
asked by Dániel Kőcs
0 votes
1 answer
620 views

Hi, in the code below we got an alert from CodeQL scanning that "This part of the regular expression may cause exponential backtracking on strings starting with '0' and containing many repetitions ...
asked by bionics parv
2 votes
1 answer
409 views

I have a simple Golang Gin API that uses MongoDB as the backend database. My team is using GitHub CodeQL, so we want to be sure we are following the best standards. However, we continue to get this ...
asked by Kyle Barnes
0 votes
1 answer
704 views

For various reasons I decided to set an environment variable in IntelliJ for the output directory defined in pom.xml. <plugin> <groupId>org.apache.maven.plugins&...
asked by Chris Haas
0 votes
1 answer
177 views

I am using CodeQL TaintTracking and I noticed that by default it does not follow data for functions it doesn't know. For example, for this code: import pd a = src + anything df = pd.DataFrame(a) if src is ...
asked by Atlantis (rep 592)
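The behaviour in the post above is by design: taint propagates through a call only when the library has a model for it (the framework models under `semmle.python.frameworks`) or the configuration adds a step, so an unmodelled call such as `pd.DataFrame(a)` acts as a barrier and nothing downstream of `df` is reported. The added example below, which is not the asker's code, supplies that step with `isAdditionalFlowStep`; `TaintTracking::Global` treats it as an extra taint step, so anything reaching the DataFrame argument taints the DataFrame itself. The source/sink pairing (remote input ending up in `os.system`) and the query ID are assumptions chosen for illustration.

```ql
/**
 * @name Taint reaching os.system through a pandas DataFrame
 * @description Adds a taint step through pandas.DataFrame(...), which the
 *              standard library does not model, so flow is not lost there.
 * @kind path-problem
 * @problem.severity error
 * @id example/py/taint-through-unmodelled-call
 */

import python
import semmle.python.dataflow.new.DataFlow
import semmle.python.dataflow.new.TaintTracking
import semmle.python.dataflow.new.RemoteFlowSources
import semmle.python.ApiGraphs

module DataFrameConfig implements DataFlow::ConfigSig {
  /** Sources: request data recognised by the framework models. */
  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }

  /** Sink: the command string passed to os.system (assumption for this example). */
  predicate isSink(DataFlow::Node sink) {
    sink = API::moduleImport("os").getMember("system").getACall().getArg(0)
  }

  /**
   * Extra step: a tainted positional or `data=` argument taints the
   * DataFrame returned by pandas.DataFrame(...). API graphs resolve the
   * `import pandas as pd` alias, so `pd.DataFrame(...)` matches too.
   */
  predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
    exists(API::CallNode c |
      c = API::moduleImport("pandas").getMember("DataFrame").getACall() and
      pred = [c.getArg(0), c.getArgByName("data")] and
      succ = c
    )
  }
}

module DataFrameFlow = TaintTracking::Global<DataFrameConfig>;

import DataFrameFlow::PathGraph

from DataFrameFlow::PathNode source, DataFrameFlow::PathNode sink
where DataFrameFlow::flowPath(source, sink)
select sink.getNode(), source, sink,
  "Command argument depends on $@ via pandas.DataFrame.", source.getNode(), "user input"
```

The step is deliberately coarse: the whole frame becomes tainted when any cell of the input is, which is the right trade-off for a security query (false negatives are worse than a few extra results to triage). The same pattern, one `isAdditionalFlowStep` clause per unmodelled call, is how to teach a configuration about any internal helper or third-party API; for a library used across many queries, the cleaner home for the step is a `TaintTracking::AdditionalTaintStep` subclass in a shared `.qll` file rather than each configuration.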
-4 votes
2 answers
228 views

Do you know why CodeQL suggests this? What is wrong in the code? values = vals.replace(/(^\s*<!--)|(-->\s*$)|\s+/g, '').split(','); This regular expression only parses --> and not --!> as a ...
asked by Oliver Modinger Oroz
1 vote
0 answers
419 views

I am learning CodeQL and I now have several custom CodeQL queries for a Java library that we use. The queries run in VS Code, if I run them one by one. I would like to be able to use them during the ...
asked by carlspring
-1 votes
1 answer
387 views

I'm just getting started with CodeQL and we have a requirement from our devs to run CodeQL SAST scans as pre-commit hooks. I could not find any docs on how to set up CodeQL to make it run on my machine. ...
asked by nnay84 (rep 177)
2 votes
2 answers
821 views

Converting a.getChild(1) to a string using toString() test.ql /** * @id custom * @kind problem * @problem.severity warning * */ import javascript from ObjectExpr oe, Property p1, int i, AstNode ...
asked by Benassin
0 votes
1 answer
2k views

I am trying to configure CodeQL scanning on my repo. For that purpose I am using the template provided by GitHub: # For most projects, this workflow file will not need changing; you simply need # to ...
asked by delucaezequiel
0 votes
1 answer
1k views

It's my first time using CodeQL. The dir demo contains a simple cpp file; I tried to run a demo like this: codeql database create ./demo-db -s . --language=cpp. However, it ran into an issue; here are the ...
asked by turtle-russ
1 vote
1 answer
657 views

I am new to CodeQL and have started learning about dataflow queries for C/C++ programs. The following is an excerpt of a C program that I want to analyse: int main(int argc, char * argv[]) { unsigned ...
asked by Sanjay (rep 95)