diff --git a/CodeQL-workshop-overview-only.pdf b/CodeQL-workshop-overview-only.pdf
new file mode 100644
index 0000000..0e4f5b2
Binary files /dev/null and b/CodeQL-workshop-overview-only.pdf differ
diff --git a/README.org b/README.org
index f9f9a5c..44765d8 100644
--- a/README.org
+++ b/README.org
@@ -57,8 +57,8 @@ To get started, build the codeql database (adjust paths to your setup):
 #+BEGIN_SRC sh
 # Build the db with source commit id.
- export PATH=$HOME/local/vmsync/codeql250:"$PATH"
- SRCDIR=$HOME/local/codeql-training-material.cpp-sqli/cpp/codeql-dataflow-sql-injection
+ export PATH=$HOME/local/codeql-2.7.6/codeql:"$PATH"
+ SRCDIR=$HOME/local/codeql-dataflow-sql-injection
 DB=$SRCDIR/cpp-sqli-$(cd $SRCDIR && git rev-parse --short HEAD)
 echo $DB
@@ -70,7 +70,6 @@ Then add this database directory to your VS Code =DATABASES= tab. - ** Build codeql database in steps
 For larger projects, using a single command to build everything is costly when any part of the build fails.
@@ -179,8 +178,8 @@
 #+BEGIN_SRC sh
 # The setup information from before
- export PATH=$HOME/local/vmsync/codeql250:"$PATH"
- SRCDIR=$HOME/local/codeql-training-material.cpp-sqli/cpp/codeql-dataflow-sql-injection
+ export PATH=$HOME/local/codeql-2.7.6/codeql:"$PATH"
+ SRCDIR=$HOME/local/codeql-dataflow-sql-injection
 DB=$SRCDIR/cpp-sqli-$(cd $SRCDIR && git rev-parse --short HEAD)
 # Check paths
@@ -191,16 +190,16 @@
 codeql database analyze -h
 # Run a query
- codeql database analyze \
- -v \
- --ram=14000 \
- -j12 \
- --rerun \
- --search-path ~/local/vmsync/ql \
- --format=sarif-latest \
- --output cpp-sqli.sarif \
- -- \
- $DB \
+ codeql database analyze \
+ -v \
+ --ram=14000 \
+ -j12 \
+ --rerun \
+ --search-path $HOME/local/codeql-2.7.6/ql \
+ --format=sarif-latest \
+ --output cpp-sqli.sarif \
+ -- \
+ $DB \
 $SRCDIR/SqlInjection.ql
 # Examine the file in an editor
diff --git a/codeql-dataflow-sql-injection.code-workspace b/codeql-dataflow-sql-injection.code-workspace
index aa1d6e9..6faf119 100644
--- a/codeql-dataflow-sql-injection.code-workspace
+++ b/codeql-dataflow-sql-injection.code-workspace
@@ -4,14 +4,14 @@
 "path": "."
 },
 {
- "path": "../../../vmsync/ql"
+ "path": "../codeql-2.7.6/codeql"
 },
 {
- "name": "[cpp-sqli-89900b3 source archive]",
- "uri": "codeql-zip-archive://0-110/Users/hohn/local/codeql-training-material.cpp-sqli/cpp/codeql-dataflow-sql-injection/cpp-sqli-89900b3/src.zip"
+ "name": "[cpp-sqli-dd664fe source archive]",
+ "uri": "codeql-zip-archive://0-72/Users/hohn/local/codeql-dataflow-sql-injection/cpp-sqli-dd664fe/src.zip"
 }
 ],
 "settings": {
 "codeQL.runningQueries.autoSave": true
 }
-}
\ No newline at end of file
+}
diff --git a/sarif-summary.jq b/sarif-summary.jq
new file mode 100644
index 0000000..1f60353
--- /dev/null
+++ b/sarif-summary.jq
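Review bot: The updated `uri` entry still embeds a machine-specific absolute path (`/Users/hohn/local/...`) and a per-build database id (`cpp-sqli-dd664fe`), so the committed workspace only resolves on the author's machine and goes stale on the next database build; the `path` entry `../codeql-2.7.6/codeql` likewise pins one CodeQL install location relative to the checkout. If the file is meant as an example, a short README sentence stating that these two entries must be regenerated locally (and that the source-archive entry is optional) would spare the next user a confusing VS Code error. The `../codeql-2.7.6/codeql` here and the `--search-path $HOME/local/codeql-2.7.6/ql` in README.org name different directories; they may well be distinct on purpose, but it is worth confirming both are intended.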
@@ -0,0 +1,60 @@
+# -*- sh -*-
+.runs | .[] | .results | .[] |
+ ( (.ruleId, ": ",
+ (.message.text | split("\n") | ( .[0], " [", length-1 , " more]")),
+ "\n")
+ ,
+ (if (.codeFlows != null) then
+ (.codeFlows | .[] |
+ (" Path\n"
+ ,
+ ( .threadFlows | .[] | .locations | .[] | .location | " "
+ ,
+ ( .physicalLocation | ( .artifactLocation.uri, ":", .region.startLine, ":"))
+ ,
+ (.message.text, " ")
+ ,
+ "\n"
+ )))
+ else
+ (.locations | .[] |
+ ( " "
+ ,
+ (.physicalLocation | ( .artifactLocation.uri, ":", .region.startLine, ":"))
+ ))
+ ,
+ # .message.text,
+ "\n"
+ end)
+ ) | tostring
+# This script extracts the following parts of the sarif output:
+#
+# # problem
+# "runs" : [ {
+# "results" : [ {
+# "ruleId" : "cpp/UncheckedErrorCode",
+# # path problem
+# "runs" : [ {
+# "tool" : {
+# "driver" : {
+# "rules" : [ {
+# "properties" : {
+# "kind" : "path-problem",
+# "runs" : [ {
+# "results" : [ {
+# "ruleId" : "cpp/DangerousArithmetic",
+# "ruleIndex" : 6,
+# "message" : {
+# "text" : "Potential overflow (conversion: int -> unsigned int)\nPotential overflow (con
+# "runs" : [ {
+# "results" : [ {
+# "codeFlows" : [ {
+# "threadFlows" : [ {
+# "locations" : [ {
+# "location" : {
+# "message" : {
+# "text" : "buff"
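Review bot: The filter aborts on the first run that lacks a `results` array or the first result whose `message` has no `text` (one carrying only a `message.id`), because `.results | .[]` and `.message.text | split("\n")` both raise "Cannot iterate over null"/type errors on null; whether the CodeQL SARIF always populates both is not shown here, so the safer opening is `.runs[] | (.results // []) | .[] |` and `((.message.text // "") | split("\n") | ( .[0], " [", length-1 , " more]")),`. The `# -*- sh -*-` mode line labels a jq filter as shell, which misleads editors and language classifiers; replace it with a header comment stating the invocation — the output only reads as intended in join mode, presumably `jq -r -j -f sarif-summary.jq <results.sarif>`, since each `", "`/`"\n"` piece is emitted as a separate string output. The trailing comment block documenting which SARIF keys are read is useful; moving it above the filter next to that invocation line would make the file self-describing on open.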