hohn/sarif-cli
1
0
Fork 0
mirror of https://github.com/hohn/sarif-cli.git synced 2025-12-16 17:23:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f1a70dd02323e119eb1d6fbae2c1a0e6b629dfd0
sarif-cli/data/codeql-dataflow-sql-injection/sqlidb-1.sarif
Michael Hohn f1a70dd023 wip: remove extraneous slash
2023-07-13 15:55:28 -07:00

220 lines
6.2 KiB
JSON
Raw Blame History

{
"$schema" : "https://json.schemastore.org/sarif-2.1.0.json",
"version" : "2.1.0",
"runs" : [ {
"tool" : {
"driver" : {
"name" : "CodeQL",
"organization" : "GitHub",
"semanticVersion" : "2.9.4",
"rules" : [ {
"id" : "cpp/SQLIVulnerable",
"name" : "cpp/SQLIVulnerable",
"shortDescription" : {
"text" : "SQLI Vulnerability"
},
"fullDescription" : {
"text" : "Using untrusted strings in a sql query allows sql injection attacks."
},
"defaultConfiguration" : {
"enabled" : true,
"level" : "warning"
},
"properties" : {
"description" : "Using untrusted strings in a sql query allows sql injection attacks.",
"id" : "cpp/SQLIVulnerable",
"kind" : "path-problem",
"name" : "SQLI Vulnerability",
"problem.severity" : "warning"
}
} ]
},
"extensions" : [ {
"name" : "legacy-upgrades",
"semanticVersion" : "0.0.0",
"locations" : [ {
"uri" : "file:///Users/hohn/.local/share/gh/extensions/gh-codeql/dist/release/v2.9.4/legacy-upgrades/",
"description" : {
"text" : "The QL pack root directory."
}
}, {
"uri" : "file:///Users/hohn/.local/share/gh/extensions/gh-codeql/dist/release/v2.9.4/legacy-upgrades/qlpack.yml",
"description" : {
"text" : "The QL pack definition file."
}
} ]
}, {
"name" : "sample/cpp-sql-injection",
"semanticVersion" : "0.0.1",
"locations" : [ {
"uri" : "file:///Users/hohn/local/sarif-cli/data/codeql-dataflow-sql-injection/",
"description" : {
"text" : "The QL pack root directory."
}
}, {
"uri" : "file:///Users/hohn/local/sarif-cli/data/codeql-dataflow-sql-injection/qlpack.yml",
"description" : {
"text" : "The QL pack definition file."
}
} ]
} ]
},
"artifacts" : [ {
"location" : {
"uri" : "add-user.c",
"uriBaseId" : "%SRCROOT%",
"index" : 0
}
} ],
"results" : [ {
"ruleId" : "cpp/SQLIVulnerable",
"ruleIndex" : 0,
"rule" : {
"id" : "cpp/SQLIVulnerable",
"index" : 0
},
"message" : {
"text" : "Possible SQL injection"
},
"locations" : [ {
"physicalLocation" : {
"artifactLocation" : {
"uri" : "add-user.c",
"uriBaseId" : "%SRCROOT%",
"index" : 0
},
"region" : {
"startLine" : 84,
"startColumn" : 27,
"endColumn" : 32
}
}
} ],
"partialFingerprints" : {
"primaryLocationLineHash" : "9a8bc91bbc363391:1",
"primaryLocationStartColumnFingerprint" : "22"
},
"codeFlows" : [ {
"threadFlows" : [ {
"locations" : [ {
"location" : {
"physicalLocation" : {
"artifactLocation" : {
"uri" : "add-user.c",
"uriBaseId" : "%SRCROOT%",
"index" : 0
},
"region" : {
"startLine" : 52,
"startColumn" : 32,
"endColumn" : 35
}
},
"message" : {
"text" : "ref arg buf"
}
}
}, {
"location" : {
"physicalLocation" : {
"artifactLocation" : {
"uri" : "add-user.c",
"uriBaseId" : "%SRCROOT%",
"index" : 0
},
"region" : {
"startLine" : 60,
"startColumn" : 12,
"endColumn" : 15
}
},
"message" : {
"text" : "buf"
}
}
}, {
"location" : {
"physicalLocation" : {
"artifactLocation" : {
"uri" : "add-user.c",
"uriBaseId" : "%SRCROOT%",
"index" : 0
},
"region" : {
"startLine" : 93,
"startColumn" : 12,
"endColumn" : 25
}
},
"message" : {
"text" : "call to get_user_info"
}
}
}, {
"location" : {
"physicalLocation" : {
"artifactLocation" : {
"uri" : "add-user.c",
"uriBaseId" : "%SRCROOT%",
"index" : 0
},
"region" : {
"startLine" : 95,
"startColumn" : 20,
"endColumn" : 24
}
},
"message" : {
"text" : "info"
}
}
}, {
"location" : {
"physicalLocation" : {
"artifactLocation" : {
"uri" : "add-user.c",
"uriBaseId" : "%SRCROOT%",
"index" : 0
},
"region" : {
"startLine" : 68,
"startColumn" : 31,
"endColumn" : 35
}
},
"message" : {
"text" : "info"
}
}
}, {
"location" : {
"physicalLocation" : {
"artifactLocation" : {
"uri" : "add-user.c",
"uriBaseId" : "%SRCROOT%",
"index" : 0
},
"region" : {
"startLine" : 84,
"startColumn" : 27,
"endColumn" : 32
}
},
"message" : {
"text" : "query"
}
}
} ]
} ]
} ]
} ],
"automationDetails" : {
"id" : "mast-issue"
},
"columnKind" : "utf16CodeUnits",
"properties" : {
"semmle.formatSpecifier" : "sarif-latest"
}
} ]
}
Reference in New Issue View Git Blame Copy Permalink