revise *** Extending Queries with Customizations.qll for C

2025-12-16 18:03:08 +01:00 · 2025-07-30 16:10:40 -07:00
parent 732e3706e4
commit 6583c5a76f
1 changed files with 23 additions and 23 deletions
--- a/README.org
+++ b/README.org
@@ -127,32 +127,32 @@
    [[./ql/java/ql/src/Security/CWE/CWE-089/SqlTainted.ql][SqlTainted.ql]].


-*** TODO Review: SQLite Injection Workshop (C)
-    - C++ version of the workshop.
+*** Review: SQLite Injection Workshop (C)
+    This is the C version of the workshop.

-*** TODO Extending Queries with Customizations.qll for C
-    - Supported in most languages, but not C++ by default.
-    - Can be enabled by building a custom CodeQL bundle.
-    - Use this CLI tool: https://github.com/advanced-security/codeql-bundle
-    - Demonstrate using `codeql-lab`.
-      + in [[./codeql-sqlite-java/README.org]]
-      + ql/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll
-        #+BEGIN_SRC text
-          abstract class FlowSource extends DataFlow::Node 
-        #+END_SRC
+*** Extending Queries with Customizations.qll for C
+    While most CodeQL-supported languages provide out-of-the-box support for
+    `Customizations.qll`, C and C++ do not include this by default. However, it is
+    possible to enable such support by building a custom CodeQL bundle. This can
+    be done using the CLI tool at
+    https://github.com/advanced-security/codeql-bundle. Since the tool functions
+    largely as a black box, we provide a more detailed illustration of the
+    underlying steps.

-      + The other languages include Customizations.qll via <language.qll>, e.g.,
-        ql/python/ql/lib/python.qll
-        1. Modify
-           : ql/python/ql/lib/python.qll
-        2. Add
-           : ql/python/ql/lib/Customizations.qll
+    A working demonstration is available in
+    [[./codeql-dataflow-sql-injection-c/README.org]]. In languages like Java,
+    `Customizations.qll` is included automatically via imports from
+    `<language>.qll`, such as [[./ql/java/ql/lib/java.qll][java.qll]] importing [[./ql/java/ql/lib/Customizations.qll][Customizations.qll]], which defines
+    user-extensible predicates for flow modeling.

-      + For C/C++,
-        1. Modify
-           : ql/cpp/ql/lib/cpp.qll
-        2. Add
-           : ql/cpp/ql/lib/Customizations.qll
+    For C/C++, the process requires explicit modification:
+    1. Modify `ql/cpp/ql/lib/cpp.qll` to import `Customizations.qll`.
+    2. Create and populate `ql/cpp/ql/lib/Customizations.qll` with custom sources/sinks or extensions.
+    3. Rebuild the CodeQL bundle to include these changes.
+
+    This customization enables consistent user-defined flow modeling across
+    languages, making it possible to reuse modeling patterns from Java or Python
+    in C/C++ contexts.

 *** TODO Use models-as-data QL code directly (no graphical editor).
    summary