hohn/codeql-lab
1
0
Fork 0
mirror of https://github.com/hohn/codeql-lab.git synced 2025-12-16 18:03:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

wip: set up codeql-sqlite/ sample

Browse Source
This commit is contained in:
Michael Hohn
2025-07-09 14:00:54 -07:00
committed by =Michael Hohn
parent 0e06b153cc
commit e2e555c44c
8 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
codeql-jedis/README.org
View File

@@ -252,7 +252,6 @@
| 14 | "return {}" | code-injection | | 14 | "return {}" | code-injection |
* Identify usage of injection-related models in existing queries * Identify usage of injection-related models in existing queries
To verify whether existing CodeQL queries make use of the injection-related To verify whether existing CodeQL queries make use of the injection-related
models, we can search for files in the =ql/java= and =ql/cpp= directories that models, we can search for files in the =ql/java= and =ql/cpp= directories that
contain the string =-injection=. This string often appears in taint-tracking contain the string =-injection=. This string often appears in taint-tracking
@@ -290,7 +289,6 @@
These files include both top-level queries (under =src/Security/...=) and reusable model libraries (under =lib/semmle/...=). Experimental and framework-specific queries are also included. These files include both top-level queries (under =src/Security/...=) and reusable model libraries (under =lib/semmle/...=). Experimental and framework-specific queries are also included.
** C++ Queries ** C++ Queries
Likewise, to check for C++ queries that reference =-injection=, use: Likewise, to check for C++ queries that reference =-injection=, use:
#+BEGIN_SRC sh #+BEGIN_SRC sh
@@ -309,6 +307,7 @@
These files indicate active use of injection-related taint tracking in the C++ suite as well. These files indicate active use of injection-related taint tracking in the C++ suite as well.
* TODO for java, the sqltainted query will find the sink, not the source yet. * TODO for java, the sqltainted query will find the sink, not the source yet.
[[../ql/java/ql/src/Security/CWE/CWE-089/SqlTainted.ql]]
* TODO vulnerable sample, jedis * TODO vulnerable sample, jedis
Running the model editor a jedis db models jedis dependencies; we need jedis Running the model editor a jedis db models jedis dependencies; we need jedis
/as/ dependency to model it. /as/ dependency to model it.

0
codeql-jedis/src-sqlite/AddUser.java → codeql-sqlite/AddUser.java
View File

0
codeql-jedis/src-sqlite/README.org → codeql-sqlite/README.org
View File

0
codeql-jedis/src-sqlite/add-user → codeql-sqlite/add-user
View File

0
codeql-jedis/src-sqlite/admin → codeql-sqlite/admin
View File

0
codeql-jedis/src-sqlite/build.sh → codeql-sqlite/build.sh
View File

0
codeql-jedis/src-sqlite/sarif-summary.jq → codeql-sqlite/sarif-summary.jq
View File

0
codeql-jedis/src-sqlite/sqlite-jdbc-3.36.0.1.jar → codeql-sqlite/sqlite-jdbc-3.36.0.1.jar
View File