mirror of
https://github.com/hohn/codeql-intro-csharp.git
{
|
|
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
|
|
"version": "2.1.0",
|
|
"runs": [
|
|
{
|
|
"tool": {
|
|
"driver": {
|
|
"name": "CodeQL",
|
|
"organization": "GitHub",
|
|
"semanticVersion": "2.19.2",
|
|
"notifications": [
|
|
{
|
|
"id": "cs/baseline/expected-extracted-files",
|
|
"name": "cs/baseline/expected-extracted-files",
|
|
"shortDescription": {
|
|
"text": "Expected extracted files"
|
|
},
|
|
"fullDescription": {
|
|
"text": "Files appearing in the source archive that are expected to be extracted."
|
|
},
|
|
"defaultConfiguration": {
|
|
"enabled": true
|
|
},
|
|
"properties": {
|
|
"tags": [
|
|
"expected-extracted-files",
|
|
"telemetry"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "cli/sip-enablement",
|
|
"name": "cli/sip-enablement",
|
|
"shortDescription": {
|
|
"text": "macOS SIP enablement status"
|
|
},
|
|
"fullDescription": {
|
|
"text": "macOS SIP enablement status"
|
|
},
|
|
"defaultConfiguration": {
|
|
"enabled": true
|
|
}
|
|
}
|
|
],
|
|
"rules": [
|
|
{
|
|
"id": "csharp/intro/FindFunction",
|
|
"name": "csharp/intro/FindFunction",
|
|
"shortDescription": {
|
|
"text": "Find Function"
|
|
},
|
|
"fullDescription": {
|
|
"text": "List certain functions in a DB"
|
|
},
|
|
"defaultConfiguration": {
|
|
"enabled": true,
|
|
"level": "warning"
|
|
},
|
|
"properties": {
|
|
"description": "List certain functions in a DB",
|
|
"id": "csharp/intro/FindFunction",
|
|
"kind": "problem",
|
|
"name": "Find Function",
|
|
"problem.severity": "warning"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"extensions": [
|
|
{
|
|
"name": "workshop/csharp-sql-injection",
|
|
"semanticVersion": "0.0.1",
|
|
"locations": [
|
|
{
|
|
"uri": "file:///Users/hohn/work-gh/codeql-intro-csharp/",
|
|
"description": {
|
|
"text": "The QL pack root directory."
|
|
},
|
|
"properties": {
|
|
"tags": [
|
|
"CodeQL/LocalPackRoot"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"uri": "file:///Users/hohn/work-gh/codeql-intro-csharp/qlpack.yml",
|
|
"description": {
|
|
"text": "The QL pack definition file."
|
|
},
|
|
"properties": {
|
|
"tags": [
|
|
"CodeQL/LocalPackDefinitionFile"
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"name": "codeql/csharp-all",
|
|
"semanticVersion": "3.1.1+de325133c7a95d84489acdf5a6ced07886ff5c6d",
|
|
"locations": [
|
|
{
|
|
"uri": "file:///Users/hohn/.codeql/packages/codeql/csharp-all/3.1.1/",
|
|
"description": {
|
|
"text": "The QL pack root directory."
|
|
},
|
|
"properties": {
|
|
"tags": [
|
|
"CodeQL/LocalPackRoot"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"uri": "file:///Users/hohn/.codeql/packages/codeql/csharp-all/3.1.1/qlpack.yml",
|
|
"description": {
|
|
"text": "The QL pack definition file."
|
|
},
|
|
"properties": {
|
|
"tags": [
|
|
"CodeQL/LocalPackDefinitionFile"
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"name": "codeql/threat-models",
|
|
"semanticVersion": "1.0.12+de325133c7a95d84489acdf5a6ced07886ff5c6d",
|
|
"locations": [
|
|
{
|
|
"uri": "file:///Users/hohn/.codeql/packages/codeql/threat-models/1.0.12/",
|
|
"description": {
|
|
"text": "The QL pack root directory."
|
|
},
|
|
"properties": {
|
|
"tags": [
|
|
"CodeQL/LocalPackRoot"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"uri": "file:///Users/hohn/.codeql/packages/codeql/threat-models/1.0.12/qlpack.yml",
|
|
"description": {
|
|
"text": "The QL pack definition file."
|
|
},
|
|
"properties": {
|
|
"tags": [
|
|
"CodeQL/LocalPackDefinitionFile"
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"invocations": [
|
|
{
|
|
"toolExecutionNotifications": [
|
|
{
|
|
"locations": [
|
|
{
|
|
"physicalLocation": {
|
|
"artifactLocation": {
|
|
"uri": "SqliDemo/Injectable.cs",
|
|
"uriBaseId": "%SRCROOT%",
|
|
"index": 0
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"message": {
|
|
"text": ""
|
|
},
|
|
"level": "none",
|
|
"descriptor": {
|
|
"id": "cs/baseline/expected-extracted-files",
|
|
"index": 0
|
|
},
|
|
"properties": {
|
|
"formattedMessage": {
|
|
"text": ""
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"locations": [
|
|
{
|
|
"physicalLocation": {
|
|
"artifactLocation": {
|
|
"uri": "HelloWorld/Program.cs",
|
|
"uriBaseId": "%SRCROOT%",
|
|
"index": 1
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"message": {
|
|
"text": ""
|
|
},
|
|
"level": "none",
|
|
"descriptor": {
|
|
"id": "cs/baseline/expected-extracted-files",
|
|
"index": 0
|
|
},
|
|
"properties": {
|
|
"formattedMessage": {
|
|
"text": ""
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"message": {
|
|
"text": ""
|
|
},
|
|
"level": "note",
|
|
"timeUtc": "2024-12-05T17:27:32.001135Z",
|
|
"descriptor": {
|
|
"id": "cli/sip-enablement",
|
|
"index": 1
|
|
},
|
|
"properties": {
|
|
"attributes": {
|
|
"isEnabled": true
|
|
},
|
|
"visibility": {
|
|
"statusPage": false,
|
|
"telemetry": true
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"executionSuccessful": true
|
|
}
|
|
],
|
|
"artifacts": [
|
|
{
|
|
"location": {
|
|
"uri": "SqliDemo/Injectable.cs",
|
|
"uriBaseId": "%SRCROOT%",
|
|
"index": 0
|
|
}
|
|
},
|
|
{
|
|
"location": {
|
|
"uri": "HelloWorld/Program.cs",
|
|
"uriBaseId": "%SRCROOT%",
|
|
"index": 1
|
|
}
|
|
}
|
|
],
|
|
"results": [
|
|
{
|
|
"ruleId": "csharp/intro/FindFunction",
|
|
"ruleIndex": 0,
|
|
"rule": {
|
|
"id": "csharp/intro/FindFunction",
|
|
"index": 0
|
|
},
|
|
"message": {
|
|
"text": "Method found"
|
|
},
|
|
"locations": [
|
|
{
|
|
"physicalLocation": {
|
|
"artifactLocation": {
|
|
"uri": "SqliDemo/Injectable.cs",
|
|
"uriBaseId": "%SRCROOT%",
|
|
"index": 0
|
|
},
|
|
"region": {
|
|
"startLine": 8,
|
|
"startColumn": 19,
|
|
"endColumn": 31
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"partialFingerprints": {
|
|
"primaryLocationLineHash": "e9487b577ff946ef:1",
|
|
"primaryLocationStartColumnFingerprint": "14"
|
|
}
|
|
},
|
|
{
|
|
"ruleId": "csharp/intro/FindFunction",
|
|
"ruleIndex": 0,
|
|
"rule": {
|
|
"id": "csharp/intro/FindFunction",
|
|
"index": 0
|
|
},
|
|
"message": {
|
|
"text": "Method found"
|
|
},
|
|
"locations": [
|
|
{
|
|
"physicalLocation": {
|
|
"artifactLocation": {
|
|
"uri": "SqliDemo/Injectable.cs",
|
|
"uriBaseId": "%SRCROOT%",
|
|
"index": 0
|
|
},
|
|
"region": {
|
|
"startLine": 17,
|
|
"startColumn": 16,
|
|
"endColumn": 24
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"partialFingerprints": {
|
|
"primaryLocationLineHash": "7aff2558b806fcc8:1",
|
|
"primaryLocationStartColumnFingerprint": "11"
|
|
}
|
|
},
|
|
{
|
|
"ruleId": "csharp/intro/FindFunction",
|
|
"ruleIndex": 0,
|
|
"rule": {
|
|
"id": "csharp/intro/FindFunction",
|
|
"index": 0
|
|
},
|
|
"message": {
|
|
"text": "Method found"
|
|
},
|
|
"locations": [
|
|
{
|
|
"physicalLocation": {
|
|
"artifactLocation": {
|
|
"uri": "SqliDemo/Injectable.cs",
|
|
"uriBaseId": "%SRCROOT%",
|
|
"index": 0
|
|
},
|
|
"region": {
|
|
"startLine": 22,
|
|
"startColumn": 17,
|
|
"endColumn": 26
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"partialFingerprints": {
|
|
"primaryLocationLineHash": "727c2f8457995f1b:1",
|
|
"primaryLocationStartColumnFingerprint": "12"
|
|
}
|
|
},
|
|
{
|
|
"ruleId": "csharp/intro/FindFunction",
|
|
"ruleIndex": 0,
|
|
"rule": {
|
|
"id": "csharp/intro/FindFunction",
|
|
"index": 0
|
|
},
|
|
"message": {
|
|
"text": "Method found"
|
|
},
|
|
"locations": [
|
|
{
|
|
"physicalLocation": {
|
|
"artifactLocation": {
|
|
"uri": "SqliDemo/Injectable.cs",
|
|
"uriBaseId": "%SRCROOT%",
|
|
"index": 0
|
|
},
|
|
"region": {
|
|
"startLine": 47,
|
|
"startColumn": 17,
|
|
"endColumn": 21
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"partialFingerprints": {
|
|
"primaryLocationLineHash": "e39b50fafc292b5d:1",
|
|
"primaryLocationStartColumnFingerprint": "12"
|
|
}
|
|
}
|
|
],
|
|
"columnKind": "utf16CodeUnits",
|
|
"properties": {
|
|
"semmle.formatSpecifier": "sarif-latest"
|
|
}
|
|
}
|
|
]
|
|
}
|