hohn/codeql-intro-csharp
1
0
Fork 0
mirror of https://github.com/hohn/codeql-intro-csharp.git synced 2025-12-16 10:43:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Run analysis using given script and database

Browse Source
This commit is contained in:
Michael Hohn
2024-12-03 11:39:21 -08:00
committed by =Michael Hohn
parent 450b9897a1
commit 2a4a0d5413
12 changed files with 679 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

383
csharp-sqli.sarif Normal file
View File

@@ -0,0 +1,383 @@
{
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "CodeQL",
"organization": "GitHub",
"semanticVersion": "2.19.2",
"notifications": [
{
"id": "cs/baseline/expected-extracted-files",
"name": "cs/baseline/expected-extracted-files",
"shortDescription": {
"text": "Expected extracted files"
},
"fullDescription": {
"text": "Files appearing in the source archive that are expected to be extracted."
},
"defaultConfiguration": {
"enabled": true
},
"properties": {
"tags": [
"expected-extracted-files",
"telemetry"
]
}
},
{
"id": "cli/sip-enablement",
"name": "cli/sip-enablement",
"shortDescription": {
"text": "macOS SIP enablement status"
},
"fullDescription": {
"text": "macOS SIP enablement status"
},
"defaultConfiguration": {
"enabled": true
}
}
],
"rules": [
{
"id": "csharp/intro/FindFunction",
"name": "csharp/intro/FindFunction",
"shortDescription": {
"text": "Find Function"
},
"fullDescription": {
"text": "List certain functions in a DB"
},
"defaultConfiguration": {
"enabled": true,
"level": "warning"
},
"properties": {
"description": "List certain functions in a DB",
"id": "csharp/intro/FindFunction",
"kind": "problem",
"name": "Find Function",
"problem.severity": "warning"
}
}
]
},
"extensions": [
{
"name": "sample/csharp-sql-injection",
"semanticVersion": "0.0.1",
"locations": [
{
"uri": "file:///Users/hohn/work-gh/codeql-intro-csharp/",
"description": {
"text": "The QL pack root directory."
},
"properties": {
"tags": [
"CodeQL/LocalPackRoot"
]
}
},
{
"uri": "file:///Users/hohn/work-gh/codeql-intro-csharp/qlpack.yml",
"description": {
"text": "The QL pack definition file."
},
"properties": {
"tags": [
"CodeQL/LocalPackDefinitionFile"
]
}
}
]
},
{
"name": "codeql/csharp-all",
"semanticVersion": "3.1.1+de325133c7a95d84489acdf5a6ced07886ff5c6d",
"locations": [
{
"uri": "file:///Users/hohn/.codeql/packages/codeql/csharp-all/3.1.1/",
"description": {
"text": "The QL pack root directory."
},
"properties": {
"tags": [
"CodeQL/LocalPackRoot"
]
}
},
{
"uri": "file:///Users/hohn/.codeql/packages/codeql/csharp-all/3.1.1/qlpack.yml",
"description": {
"text": "The QL pack definition file."
},
"properties": {
"tags": [
"CodeQL/LocalPackDefinitionFile"
]
}
}
]
},
{
"name": "codeql/threat-models",
"semanticVersion": "1.0.12+de325133c7a95d84489acdf5a6ced07886ff5c6d",
"locations": [
{
"uri": "file:///Users/hohn/.codeql/packages/codeql/threat-models/1.0.12/",
"description": {
"text": "The QL pack root directory."
},
"properties": {
"tags": [
"CodeQL/LocalPackRoot"
]
}
},
{
"uri": "file:///Users/hohn/.codeql/packages/codeql/threat-models/1.0.12/qlpack.yml",
"description": {
"text": "The QL pack definition file."
},
"properties": {
"tags": [
"CodeQL/LocalPackDefinitionFile"
]
}
}
]
}
]
},
"invocations": [
{
"toolExecutionNotifications": [
{
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "SqliDemo/Injectable.cs",
"uriBaseId": "%SRCROOT%",
"index": 0
}
}
}
],
"message": {
"text": ""
},
"level": "none",
"descriptor": {
"id": "cs/baseline/expected-extracted-files",
"index": 0
},
"properties": {
"formattedMessage": {
"text": ""
}
}
},
{
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "HelloWorld/Program.cs",
"uriBaseId": "%SRCROOT%",
"index": 1
}
}
}
],
"message": {
"text": ""
},
"level": "none",
"descriptor": {
"id": "cs/baseline/expected-extracted-files",
"index": 0
},
"properties": {
"formattedMessage": {
"text": ""
}
}
},
{
"message": {
"text": ""
},
"level": "note",
"timeUtc": "2024-12-03T18:57:27.937528Z",
"descriptor": {
"id": "cli/sip-enablement",
"index": 1
},
"properties": {
"attributes": {
"isEnabled": true
},
"visibility": {
"statusPage": false,
"telemetry": true
}
}
}
],
"executionSuccessful": true
}
],
"artifacts": [
{
"location": {
"uri": "SqliDemo/Injectable.cs",
"uriBaseId": "%SRCROOT%",
"index": 0
}
},
{
"location": {
"uri": "HelloWorld/Program.cs",
"uriBaseId": "%SRCROOT%",
"index": 1
}
}
],
"results": [
{
"ruleId": "csharp/intro/FindFunction",
"ruleIndex": 0,
"rule": {
"id": "csharp/intro/FindFunction",
"index": 0
},
"message": {
"text": "Method found"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "SqliDemo/Injectable.cs",
"uriBaseId": "%SRCROOT%",
"index": 0
},
"region": {
"startLine": 8,
"startColumn": 19,
"endColumn": 31
}
}
}
],
"partialFingerprints": {
"primaryLocationLineHash": "e9487b577ff946ef:1",
"primaryLocationStartColumnFingerprint": "14"
}
},
{
"ruleId": "csharp/intro/FindFunction",
"ruleIndex": 0,
"rule": {
"id": "csharp/intro/FindFunction",
"index": 0
},
"message": {
"text": "Method found"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "SqliDemo/Injectable.cs",
"uriBaseId": "%SRCROOT%",
"index": 0
},
"region": {
"startLine": 17,
"startColumn": 16,
"endColumn": 24
}
}
}
],
"partialFingerprints": {
"primaryLocationLineHash": "7aff2558b806fcc8:1",
"primaryLocationStartColumnFingerprint": "11"
}
},
{
"ruleId": "csharp/intro/FindFunction",
"ruleIndex": 0,
"rule": {
"id": "csharp/intro/FindFunction",
"index": 0
},
"message": {
"text": "Method found"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "SqliDemo/Injectable.cs",
"uriBaseId": "%SRCROOT%",
"index": 0
},
"region": {
"startLine": 22,
"startColumn": 13,
"endColumn": 22
}
}
}
],
"partialFingerprints": {
"primaryLocationLineHash": "727c2f8457995f1b:1",
"primaryLocationStartColumnFingerprint": "12"
}
},
{
"ruleId": "csharp/intro/FindFunction",
"ruleIndex": 0,
"rule": {
"id": "csharp/intro/FindFunction",
"index": 0
},
"message": {
"text": "Method found"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "SqliDemo/Injectable.cs",
"uriBaseId": "%SRCROOT%",
"index": 0
},
"region": {
"startLine": 47,
"startColumn": 17,
"endColumn": 21
}
}
}
],
"partialFingerprints": {
"primaryLocationLineHash": "e39b50fafc292b5d:1",
"primaryLocationStartColumnFingerprint": "12"
}
}
],
"columnKind": "utf16CodeUnits",
"properties": {
"semmle.formatSpecifier": "sarif-latest"
}
}
]
}