hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update info on data flow new/legacylibrary

Browse Source
This commit is contained in:
Felicity Chapman
2024-08-12 11:54:11 +01:00
parent a5a999f7d6
commit ae51668147
3 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
docs/codeql/codeql-language-guides/analyzing-data-flow-in-cpp-new.rst
View File

@@ -1,12 +1,19 @@
.. _analyzing-data-flow-in-cpp-new:
.. include:: ../reusables/cpp-new-dataflow-api-note.rst
Analyzing data flow in C and C++ (new)
======================================
Analyzing data flow in C and C++
================================
You can use data flow analysis to track the flow of potentially malicious or insecure data that can cause vulnerabilities in your codebase.
About this article
------------------
This article describes how data flow analysis is implemented in the CodeQL libraries for C/C++ and includes examples to help you write your own data flow queries.
The following sections describe how to use the libraries for local data flow, global data flow, and taint tracking.
For a more general introduction to modeling data flow, see ":ref:`About data flow analysis <about-data-flow-analysis>`."
.. include:: ../reusables/new-data-flow-api.rst
About data flow
---------------

6
docs/codeql/codeql-language-guides/codeql-for-cpp.rst
View File

@@ -22,7 +22,7 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat
hash-consing-and-value-numbering
advanced-dataflow-scenarios-cpp
customizing-library-models-for-cpp
- :doc:`Basic query for C and C++ code <basic-query-for-cpp-code>`: Learn to write and run a simple CodeQL query.
@@ -35,13 +35,13 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat
- :doc:`Conversions and classes in C and C++ <conversions-and-classes-in-cpp>`: You can use the standard CodeQL libraries for C and C++ to detect when the type of an expression is changed.
- :doc:`Analyzing data flow in C and C++ (new) <analyzing-data-flow-in-cpp-new>`: You can use data flow analysis to track the flow of potentially malicious or insecure data that can cause vulnerabilities in your codebase. For information about data flow analysis in versions up to CodeQL 2.12.4, see :doc:`Analyzing data flow in C and C++ <analyzing-data-flow-in-cpp>`.
- :doc:`Analyzing data flow in C and C++ <analyzing-data-flow-in-cpp-new>`: You can use data flow analysis to track the flow of potentially malicious or insecure data that can cause vulnerabilities in your codebase. For information about converting queries from the legacy workflow, see `New dataflow API for CodeQL query writing <https://gh.io/codeql-new-dataflow-api>`__.
- :doc:`Refining a query to account for edge cases <refining-a-query-to-account-for-edge-cases>`: You can improve the results generated by a CodeQL query by adding conditions to remove false positive results caused by common edge cases.
- :doc:`Detecting a potential buffer overflow <detecting-a-potential-buffer-overflow>`: You can use CodeQL to detect potential buffer overflows by checking for allocations equal to ``strlen`` in C and C++.
- :doc:`Using the guards library in C and C++ <using-the-guards-library-in-cpp>`: You can use the CodeQL guards library to identify conditional expressions that control the execution of other parts of a program in C and C++ codebases.
- :doc:`Using the guards library in C and C++ <using-the-guards-library-in-cpp>`: You can use the CodeQL guards library to identify conditional expressions that control the execution of other parts of a program in C and C++ codebases.
- :doc:`Using range analysis for C and C++ <using-range-analsis-in-cpp>`: You can use range analysis to determine the upper or lower bounds on an expression, or whether an expression could potentially over or underflow.

3
docs/codeql/reusables/new-data-flow-api.rst
View File

@@ -1,4 +1,3 @@
.. pull-quote:: Note
The new modular API for data flow described here is available alongside the previous library from CodeQL 2.13.0 onwards. For information about how the library has changed and how to migrate any existing queries to the modular API, see `New dataflow API for CodeQL query writing <https://gh.io/codeql-new-dataflow-api>`__.
The modular API for data flow described here is available from CodeQL 2.13.0. The legacy library is deprecated and will be removed in December 2024. For information about how the library has changed and how to migrate any existing queries to the modular API, see `New dataflow API for CodeQL query writing <https://gh.io/codeql-new-dataflow-api>`__.