hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 16:25:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add note about collapsing multiple rows into one

Browse Source
This commit is contained in:
Ed Minnix
2024-02-13 12:08:17 -05:00
parent e2511cdbe4
commit 8be9b8b818
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/codeql/codeql-language-guides/customizing-library-models-for-csharp.rst
View File

@@ -192,6 +192,19 @@ The remaining values are used to define the ``access path``, the ``kind``, and t
- The ninth value ``taint`` is the kind of the flow. ``taint`` means that taint is propagated through the call.
- The tenth value ``manual`` is the provenance of the summary, which is used to identify the origin of the summary.
It would also be possible to merge the two rows into one by using a comma separated list in the seventh value. This would be useful if the method has many arguments and the flow is the same for all of them.
.. code-block:: yaml
extensions:
- addsTo:
pack: codeql/csharp-all
extensible: summaryModel
data:
- ["System", "String", False, "Concat", "(System.Object,System.Object)", "", "Argument[0,1]", "ReturnValue", "taint", "manual"]
This row defines flow from both the first and the second argument to the return value. The seventh value ``Argument[0,1]`` is shorthand for specifying an access path to both ``Argument[0]`` and ``Argument[1]``.
Example: Add flow through the ``Trim`` method
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This example shows how the C# query pack models flow through a method for a simple case.