hohn/codeql-dataflow-sql-injection
1
0
Fork 0
mirror of https://github.com/hohn/codeql-dataflow-sql-injection.git synced 2025-12-16 18:23:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

workshop updates

Browse Source
This commit is contained in:
Michael Hohn
2022-06-08 14:05:32 +02:00
committed by =Michael Hohn
parent dd664fe4ef
commit 3fe610d354
4 changed files with 78 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
README.org
View File

@@ -57,8 +57,8 @@
To get started, build the codeql database (adjust paths to your setup):
#+BEGIN_SRC sh
# Build the db with source commit id.
export PATH=$HOME/local/vmsync/codeql250:"$PATH"
SRCDIR=$HOME/local/codeql-training-material.cpp-sqli/cpp/codeql-dataflow-sql-injection
export PATH=$HOME/local/codeql-2.7.6/codeql:"$PATH"
SRCDIR=$HOME/local/codeql-dataflow-sql-injection
DB=$SRCDIR/cpp-sqli-$(cd $SRCDIR && git rev-parse --short HEAD)
echo $DB
@@ -70,7 +70,6 @@
Then add this database directory to your VS Code =DATABASES= tab.
** Build codeql database in steps
For larger projects, using a single command to build everything is costly when
any part of the build fails.
@@ -179,8 +178,8 @@
#+BEGIN_SRC sh
# The setup information from before
export PATH=$HOME/local/vmsync/codeql250:"$PATH"
SRCDIR=$HOME/local/codeql-training-material.cpp-sqli/cpp/codeql-dataflow-sql-injection
export PATH=$HOME/local/codeql-2.7.6/codeql:"$PATH"
SRCDIR=$HOME/local/codeql-dataflow-sql-injection
DB=$SRCDIR/cpp-sqli-$(cd $SRCDIR && git rev-parse --short HEAD)
# Check paths
@@ -191,16 +190,16 @@
codeql database analyze -h
# Run a query
codeql database analyze \
-v \
--ram=14000 \
-j12 \
--rerun \
--search-path ~/local/vmsync/ql \
--format=sarif-latest \
--output cpp-sqli.sarif \
-- \
$DB \
codeql database analyze \
-v \
--ram=14000 \
-j12 \
--rerun \
--search-path $HOME/local/codeql-2.7.6/ql \
--format=sarif-latest \
--output cpp-sqli.sarif \
-- \
$DB \
$SRCDIR/SqlInjection.ql
# Examine the file in an editor