heou
heou
when i try to analysis aosp database with this qury script: ``` /** * @id 1 * @kind path-problem */ import java import semmle.code.java.dataflow.FlowSources import semmle.code.java.dataflow.TaintTracking module SensitiveLoggerConfig implements DataFlow::ConfigSig...
hi, i try to perform a taint analysis with following statment: ``` protected void handleSimReady(int phoneId) { ·········· String iccId = (uiccSlot != null) ? IccUtils.stripTrailingFs(uiccSlot.getIccId()) : null; ············ ```...
Description: I have encountered an issue when using CodeQL in Visual Studio Code, which seems to be related to the "Extension Pack for Java". Here are the details of the...
### Missing Feature First of all, thank you for developing and maintaining such a powerful tool for static analysis. Sootup has proven to be an invaluable resource for analyzing and...
i want to add a custom data-flow sematic in joern shell with following code: ``` val parser = new io.joern.dataflowengineoss.semanticsloader.FullNameSemanticsParser() val flowtransfer = """"strncpy" 4 -> 4""" val rule =...
**Describe the bug** While testing Joern's taint analysis capabilities, I noticed that if a function call is a nested structure, such as func(a, (a + b), c), the composite parameter...