hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Address review comments

Browse Source
This commit is contained in:
Owen Mansel-Chan
2025-10-21 16:54:28 +01:00
parent 2e0915ebed
commit c8c1c6e592
9 changed files with 19 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/codeql/codeql-language-guides/analyzing-data-flow-in-cpp.rst
View File

@@ -314,7 +314,7 @@ Exercise 2: Write a query that finds all hard-coded strings used to create a ``h
Exercise 3: Write a class that represents flow sources from ``getenv``. (`Answer <#exercise-3>`__) Exercise 3: Write a class that represents flow sources from ``getenv``. (`Answer <#exercise-3>`__)
Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from ``getenv`` to ``gethostbyname``. (`Answer <#exercise-4>`__) Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from ``getenv`` to ``gethostbyname``. (`Answer <#exercise-4>`__ `Answer as a path query <#path-query-example>`__)
Answers Answers
------- -------
@@ -411,7 +411,7 @@ Exercise 4
GetenvToGethostbynameFlow::flow(source, sink) GetenvToGethostbynameFlow::flow(source, sink)
select getenv, fc select getenv, fc
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the answer to exercise 4 above, converted into a path query: Here is the answer to exercise 4 above, converted into a path query:

4
docs/codeql/codeql-language-guides/analyzing-data-flow-in-csharp.rst
View File

@@ -287,7 +287,7 @@ Exercise 2: Find all hard-coded strings passed to ``System.Uri``, using global d
Exercise 3: Define a class that represents flow sources from ``System.Environment.GetEnvironmentVariable``. (`Answer <#exercise-3>`__) Exercise 3: Define a class that represents flow sources from ``System.Environment.GetEnvironmentVariable``. (`Answer <#exercise-3>`__)
Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from ``System.Environment.GetEnvironmentVariable`` to ``System.Uri``. (`Answer <#exercise-4>`__) Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from ``System.Environment.GetEnvironmentVariable`` to ``System.Uri``. (`Answer <#exercise-4>`__ `Answer as a path query <#path-query-example>`__)
Extending library data flow Extending library data flow
--------------------------- ---------------------------
@@ -537,7 +537,7 @@ This can be adapted from the ``SystemUriFlow`` class:
} }
} }
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the answer to exercise 4 above, converted into a path query: Here is the answer to exercise 4 above, converted into a path query:

4
docs/codeql/codeql-language-guides/analyzing-data-flow-in-go.rst
View File

@@ -252,7 +252,7 @@ Exercise 2: Write a query that finds all hard-coded strings used to create a ``u
Exercise 3: Write a class that represents flow sources from ``os.Getenv(..)``. (`Answer <#exercise-3>`__) Exercise 3: Write a class that represents flow sources from ``os.Getenv(..)``. (`Answer <#exercise-3>`__)
Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from ``os.Getenv`` to ``url.URL``. (`Answer <#exercise-4>`__) Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from ``os.Getenv`` to ``url.URL``. (`Answer <#exercise-4>`__ `Answer as a path query <#path-query-example>`__)
Answers Answers
------- -------
@@ -358,7 +358,7 @@ Exercise 4
where GetenvToURLFlow::flow(src, sink) where GetenvToURLFlow::flow(src, sink)
select src, "This environment variable constructs a URL $@.", sink, "here" select src, "This environment variable constructs a URL $@.", sink, "here"
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the answer to exercise 4 above, converted into a path query: Here is the answer to exercise 4 above, converted into a path query:

4
docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst
View File

@@ -262,7 +262,7 @@ Exercise 2: Write a query that finds all hard-coded strings used to create a ``j
Exercise 3: Write a class that represents flow sources from ``java.lang.System.getenv(..)``. (`Answer <#exercise-3>`__) Exercise 3: Write a class that represents flow sources from ``java.lang.System.getenv(..)``. (`Answer <#exercise-3>`__)
Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from ``getenv`` to ``java.net.URL``. (`Answer <#exercise-4>`__) Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from ``getenv`` to ``java.net.URL``. (`Answer <#exercise-4>`__ `Answer as a path query <#path-query-example>`__)
Answers Answers
------- -------
@@ -361,7 +361,7 @@ Exercise 4
where GetenvToURLFlow::flow(src, sink) where GetenvToURLFlow::flow(src, sink)
select src, "This environment variable constructs a URL $@.", sink, "here" select src, "This environment variable constructs a URL $@.", sink, "here"
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the answer to exercise 4 above, converted into a path query: Here is the answer to exercise 4 above, converted into a path query:

4
docs/codeql/codeql-language-guides/analyzing-data-flow-in-javascript-and-typescript.rst
View File

@@ -456,7 +456,7 @@ Exercise 3: Write a class which represents flow sources from the array elements
Hint: array indices are properties with numeric names; you can use regular expression matching to check this. (`Answer <#exercise-3>`__) Hint: array indices are properties with numeric names; you can use regular expression matching to check this. (`Answer <#exercise-3>`__)
Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from array elements of the result of a call to the ``tagName`` argument to the Exercise 4: Using the answers from 2 and 3, write a query which finds all global data flow paths from array elements of the result of a call to the ``tagName`` argument to the
``createElement`` function. (`Answer <#exercise-4>`__) ``createElement`` function. (`Answer <#exercise-4>`__ `Answer as a path query <#path-query-example>`__)
Answers Answers
------- -------
@@ -541,7 +541,7 @@ Exercise 4
where HardCodedTagNameFlow::flow(source, sink) where HardCodedTagNameFlow::flow(source, sink)
select source, sink select source, sink
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the answer to exercise 4 above, converted into a path query: Here is the answer to exercise 4 above, converted into a path query:

6
docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst
View File

@@ -354,10 +354,10 @@ This data flow configuration tracks data flow from environment variables to open
select fileOpen, "This call to 'os.open' uses data from $@.", select fileOpen, "This call to 'os.open' uses data from $@.",
environment, "call to 'os.getenv'" environment, "call to 'os.getenv'"
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the first example above, converted into a path query: Here is the network input example above, converted into a path query:
.. code-block:: ql .. code-block:: ql
@@ -397,7 +397,7 @@ For more information, see "`Creating path queries <https://codeql.github.com/doc
Further reading Further reading
--------------- ---------------
- `Creating path queries <https://codeql.github.com/docs/writing-codeql-queries/creating-path-queries/>`__ in the GitHub documentation. - `Creating path queries <https://codeql.github.com/docs/writing-codeql-queries/creating-path-queries/>`__.
.. include:: ../reusables/python-further-reading.rst .. include:: ../reusables/python-further-reading.rst

4
docs/codeql/codeql-language-guides/analyzing-data-flow-in-ruby.rst
View File

@@ -372,10 +372,10 @@ The following global data-flow query finds calls to ``File.open`` where the file
select fileOpen, "This call to 'File.open' uses data from $@.", environment, select fileOpen, "This call to 'File.open' uses data from $@.", environment,
"an environment variable" "an environment variable"
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the first example above, converted into a path query: Here is the taint-tracking example above, converted into a path query:
.. code-block:: ql .. code-block:: ql

4
docs/codeql/codeql-language-guides/analyzing-data-flow-in-rust.rst
View File

@@ -231,10 +231,10 @@ The following global taint-tracking query finds places where a string literal is
where ConstantPasswordFlow::flow(sourceNode, sinkNode) where ConstantPasswordFlow::flow(sourceNode, sinkNode)
select sinkNode, "The value $@ is used as a constant password.", sourceNode, sourceNode.toString() select sinkNode, "The value $@ is used as a constant password.", sourceNode, sourceNode.toString()
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the first example above, converted into a path query: Here is the taint-tracking example above, converted into a path query:
.. code-block:: ql .. code-block:: ql

4
docs/codeql/codeql-language-guides/analyzing-data-flow-in-swift.rst
View File

@@ -278,10 +278,10 @@ The following global taint-tracking query finds places where a value from a remo
where SqlInjectionFlow::flow(sourceNode, sinkNode) where SqlInjectionFlow::flow(sourceNode, sinkNode)
select sinkNode, "This query depends on a $@.", sourceNode, "user-provided value" select sinkNode, "This query depends on a $@.", sourceNode, "user-provided value"
Path Query Example Path query example
~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~
Here is the first example above, converted into a path query: Here is the string literal example above, converted into a path query:
.. code-block:: ql .. code-block:: ql