hohn/codeql-dataflow-sql-injection-go
1
0
Fork 0
mirror of https://github.com/hohn/codeql-dataflow-sql-injection-go.git synced 2025-12-16 10:13:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixed the -- completely -- broken Sink query

Browse Source
This commit is contained in:
michael hohn
2025-09-04 23:32:50 -07:00
committed by =michael hohn
parent 28c40f9af3
commit 3b932164e5
5 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
README.org
View File

@@ -17,7 +17,8 @@
go mod tidy 2>/dev/null || true
# Create the CodeQL database (Go extractor auto-detected)
codeql database create db --language=go --source-root .
codeql database create db.4b6900 --language=go --command=./build.sh
#+end_src
If you already have a database, you can skip creation and reuse it.
@@ -32,7 +33,7 @@
codeql pack install
# Run both queries in this directory against the database
codeql database analyze db . \
codeql database analyze db.4b6900 . \
--format=sarifv2.1.0 \
--output=results.sarif
#+end_src
@@ -41,7 +42,10 @@
#+begin_src shell
codeql database analyze db SourceGetUserInfo.ql --format=text
codeql database analyze db SinkExecCommandThirdArg.ql --format=text
codeql database analyze db.4b6900 \
SinkExecCommandThirdArg.ql \
--format=sarifv2.1.0 \
--output=SinkExecCommandThirdArg.sarif
#+end_src
* Notes