Diff-informed queries: phase 3 (non-trivial locations) by d10c · Pull Request #19957 · github/codeql · GitHub | Latest TMZ Celebrity News & Gossip | Watch TMZ Live
Skip to content

Diff-informed queries: phase 3 (non-trivial locations) #19957

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 25 commits into
base: main
Choose a base branch
from
Draft

Diff-informed queries: phase 3 (non-trivial locations) #19957

wants to merge 25 commits into from
+837 −19

Conversation

d10c
Copy link
Contributor

@d10c d10c commented Jul 2, 2025

This PR enables diff-informed mode on queries that select a location other than dataflow source or sink.

I start with automatically generated stubs and then handle each TODO item in its own commit.

@github-actions github-actions bot added C# JS C++ Java Python Go Ruby Rust Pull requests that update Rust code Swift Actions Analysis of GitHub Actions labels Jul 2, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 2, 2025
View reviewed changes
cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql
@@ -223,6 +223,14 @@
state1 = state2 + delta
)
}

predicate observeDiffInformedIncrementalMode() {

Check warning

Code scanning / CodeQL

Dead code Warning

This code is never used, and it's not publicly exported.
cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql
any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 263 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql@269:8:269:41), Column 5 does not select a source or sink originating from the flow call on line 263 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql@270:58:270:63), Flow call outside 'select' clause (/Users/d10c/src/semmle-code/ql/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql@249:5:249:76)
}

Location getASelectedSinkLocation(DataFlow::Node sink) {

Check warning

Code scanning / CodeQL

Dead code Warning

This code is never used, and it's not publicly exported.
cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql
@@ -59,6 +59,14 @@
)
)
}

predicate observeDiffInformedIncrementalMode() {

Check warning

Code scanning / CodeQL

Dead code Warning

This code is never used, and it's not publicly exported.
cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql
any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 81 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql@83:8:83:22), Column 7 does not select a source or sink originating from the flow call on line 81 (/Users/d10c/src/semmle-code/ql/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql@84:23:84:27)
}

Location getASelectedSinkLocation(DataFlow::Node sink) {

Check warning

Code scanning / CodeQL

Dead code Warning

This code is never used, and it's not publicly exported.
@d10c d10c force-pushed the d10c/diff-informed-phase-3 branch from ff3a4b9 to 95fe462 Compare July 3, 2025 15:50
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 3, 2025
View reviewed changes
actions/ql/lib/codeql/actions/security/EnvPathInjectionQuery.qll
@@ -3,6 +3,7 @@
private import codeql.actions.dataflow.ExternalFlow
private import codeql.actions.security.ArtifactPoisoningQuery
private import codeql.actions.security.UntrustedCheckoutQuery
private import codeql.actions.security.ControlChecks

Check warning

Code scanning / CodeQL

Redundant import Warning

Redundant import, the module is already imported inside
codeql.actions.security.ArtifactPoisoningQuery
Loading
.
@d10c d10c force-pushed the d10c/diff-informed-phase-3 branch from 95fe462 to ec649a6 Compare July 4, 2025 09:49
@d10c d10c force-pushed the d10c/diff-informed-phase-3 branch from ec649a6 to aff62c2 Compare July 4, 2025 13:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
Actions Analysis of GitHub Actions C# C++ Go Java JS Python Ruby Rust Pull requests that update Rust code Swift
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@d10c

TMZ Celebrity News – Breaking Stories, Videos & Gossip

Looking for the latest TMZ celebrity news? You've come to the right place. From shocking Hollywood scandals to exclusive videos, TMZ delivers it all in real time.

Whether it’s a red carpet slip-up, a viral paparazzi moment, or a legal drama involving your favorite stars, TMZ news is always first to break the story. Stay in the loop with daily updates, insider tips, and jaw-dropping photos.

🎥 Watch TMZ Live

TMZ Live brings you daily celebrity news and interviews straight from the TMZ newsroom. Don’t miss a beat—watch now and see what’s trending in Hollywood.