mirror of
https://github.com/github/codeql.git
synced 2026-02-20 17:03:41 +01:00
Fix another couple of links
This commit is contained in:
Felicity Chapman
@@ -408,7 +408,7 @@ Exercise 4
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/cpp-further-reading.rst
|
||||
|
||||
@@ -380,7 +380,7 @@ Exercise 4
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/cpp-further-reading.rst
|
||||
|
||||
@@ -541,7 +541,7 @@ This can be adapted from the ``SystemUriFlow`` class:
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/csharp-further-reading.rst
|
||||
|
||||
@@ -362,7 +362,7 @@ Exercise 4
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/java-further-reading.rst
|
||||
|
||||
@@ -557,7 +557,7 @@ Exercise 4
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/java-further-reading.rst
|
||||
|
||||
@@ -359,7 +359,7 @@ This data flow configuration tracks data flow from environment variables to open
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/python-further-reading.rst
|
||||
|
||||
@@ -376,7 +376,7 @@ The following global data-flow query finds calls to ``File.open`` where the file
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/ruby-further-reading.rst
|
||||
|
||||
@@ -284,7 +284,7 @@ The following global taint-tracking query finds places where a value from a remo
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/swift-further-reading.rst
|
||||
|
||||
@@ -16,7 +16,7 @@ This article contains reference material about how to define custom models for s
|
||||
|
||||
The best way to create your own models is using the CodeQL model editor in the CodeQL extension for Visual Studio Code. The model editor automatically guides you through the process of defining models, displaying the properties you need to define and the options available. You can save the resulting models as data extension files in CodeQL model packs and use them without worrying about the syntax.
|
||||
|
||||
For more information, see `Using the CodeQL model editor <https://docs.github.com/en/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor>`__ in the GitHub documentation
|
||||
For more information, see `Using the CodeQL model editor <https://docs.github.com/en/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
About data extensions
|
||||
|
||||
@@ -254,7 +254,7 @@ Troubleshooting
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/javascript-further-reading.rst
|
||||
|
||||
@@ -405,7 +405,7 @@ string may be an absolute path and whether it may contain ``..`` components.
|
||||
Further reading
|
||||
---------------
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
|
||||
.. include:: ../reusables/javascript-further-reading.rst
|
||||
|
||||
@@ -61,7 +61,7 @@ The DIL format may change without warning between CLI releases.
|
||||
When you specify the ``--dump-dil`` option for ``codeql query compile``, CodeQL
|
||||
prints DIL to standard output for the queries it compiles. You can also
|
||||
view results in DIL format when you run queries in VS Code.
|
||||
For more information, see ":ref:`Analyzing your projects <viewing-query-results>`" in the CodeQL for VS Code help.
|
||||
For more information, see `Running CodeQL queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries#understanding-your-query-results>`__ in the GitHub documentation.
|
||||
|
||||
.. _extractor:
|
||||
|
||||
|
||||
@@ -85,4 +85,4 @@ These flow steps are modeled in the taint-tracking library using predicates that
|
||||
Further reading
|
||||
***************
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
|
||||
@@ -180,5 +180,5 @@ The alert message defined in the final column in the ``select`` statement can be
|
||||
Further reading
|
||||
***************
|
||||
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation
|
||||
- `Exploring data flow with path queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/exploring-data-flow-with-path-queries>`__ in the GitHub documentation.
|
||||
- `CodeQL repository <https://github.com/github/codeql>`__
|
||||
|
||||
@@ -34,12 +34,12 @@ The same query can be slightly simplified by rewriting it without :ref:`path exp
|
||||
select sink, "Sink is reached from $@.", source.getNode(), "here"
|
||||
|
||||
If a data-flow query that you have written doesn't produce the results you expect it to, there may be a problem with your query.
|
||||
You can try to debug the potential problem by following the steps described below.
|
||||
You can try to debug the potential problem by following the steps described below.
|
||||
|
||||
Checking sources and sinks
|
||||
--------------------------
|
||||
|
||||
Initially, you should make sure that the source and sink definitions contain what you expect. If either the source or sink is empty then there can never be any data flow. The easiest way to check this is using quick evaluation in CodeQL for VS Code. Select the text ``node instanceof MySource``, right-click, and choose "CodeQL: Quick Evaluation". This will evaluate the highlighted text, which in this case means the set of sources. For more information, see :ref:`Analyzing your projects <running-a-specific-part-of-a-query-or-library>` in the CodeQL for VS Code help.
|
||||
Initially, you should make sure that the source and sink definitions contain what you expect. If either the source or sink is empty then there can never be any data flow. The easiest way to check this is using quick evaluation in CodeQL for VS Code. Select the text ``node instanceof MySource``, right-click, and choose "CodeQL: Quick Evaluation". This will evaluate the highlighted text, which in this case means the set of sources. For more information, see `Running CodeQL queries <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries#running-a-specific-part-of-a-query-or-library>`__ in the GitHub documentation.
|
||||
|
||||
If both source and sink definitions look good then we will need to look for missing flow steps.
|
||||
|
||||
@@ -106,9 +106,9 @@ To do quick evaluations of partial flow it is often easiest to add a predicate t
|
||||
If you are focusing on a single source then the ``src`` column is superfluous. You may of course also add other columns of interest based on ``n``, but including the enclosing callable and the distance to the source at the very least is generally recommended, as they can be useful columns to sort on to better inspect the results.
|
||||
|
||||
|
||||
If you see a large number of partial flow results, you can focus them in a couple of ways:
|
||||
If you see a large number of partial flow results, you can focus them in a couple of ways:
|
||||
|
||||
- If flow travels a long distance following an expected path, that can result in a lot of uninteresting flow being included in the exploration radius. To reduce the amount of uninteresting flow, you can replace the source definition with a suitable ``node`` that appears along the path and restart the partial flow exploration from that point.
|
||||
- If flow travels a long distance following an expected path, that can result in a lot of uninteresting flow being included in the exploration radius. To reduce the amount of uninteresting flow, you can replace the source definition with a suitable ``node`` that appears along the path and restart the partial flow exploration from that point.
|
||||
- Creative use of barriers can be used to cut off flow paths that are uninteresting. This also reduces the number of partial flow results to explore while debugging.
|
||||
|
||||
Further reading
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
.. _introduction-to-ql:
|
||||
|
||||
Introduction to QL
|
||||
Introduction to QL
|
||||
==================
|
||||
|
||||
Work through some simple exercises and examples to learn about the basics of QL and CodeQL.
|
||||
@@ -109,12 +109,12 @@ Example CodeQL queries
|
||||
----------------------
|
||||
|
||||
The previous examples used the primitive types built in to QL. Although we chose a project to query, we didn't use the information in that project's database.
|
||||
The following example queries *do* use these databases and give you an idea of how to use CodeQL to analyze projects.
|
||||
The following example queries *do* use these databases and give you an idea of how to use CodeQL to analyze projects.
|
||||
|
||||
Queries using the CodeQL libraries can find errors and uncover variants of important security vulnerabilities in codebases.
|
||||
Visit `GitHub Security Lab <https://securitylab.github.com/>`__ to read about examples of vulnerabilities that we have recently found in open source projects.
|
||||
|
||||
Before you can run the following examples, you will need to install the CodeQL extension for Visual Studio Code. For more information, see :ref:`Setting up CodeQL in Visual Studio Code <setting-up-codeql-in-visual-studio-code>`. You will also need to import and select a database in the corresponding programming language. For more information about obtaining CodeQL databases, see `Managing CodeQL databases <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/managing-codeql-databases/>`__ in the CodeQL for VS Code documentation.
|
||||
Before you can run the following examples, you will need to install the CodeQL extension for Visual Studio Code. For more information, see `Installing CodeQL for Visual Studio Code <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/installing-codeql-for-vs-code>`__ in the GitHub documentation. You will also need to import and select a database in the corresponding programming language.
|
||||
|
||||
To import the CodeQL library for a specific programming language, type ``import <language>`` at the start of the query.
|
||||
|
||||
@@ -166,7 +166,7 @@ Exercise 1
|
||||
from string s
|
||||
where s = "lgtm"
|
||||
select s.length()
|
||||
|
||||
|
||||
There is often more than one way to define a query. For example, we can also write the above query in the shorter form:
|
||||
|
||||
.. code-block:: ql
|
||||
|
||||
Reference in New Issue
Block a user