codeql

package

v0.0.0-...-6e9e045 Latest Latest Go to latest Published: Aug 20, 2025 License: MIT Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/noperator/slice

Links

Open Source Insights

Documentation ¶

Index ¶

type CallGraph
- func BuildCallGraph(functions []parser.Function) *CallGraph
type CallValidation
type CodeQLResult
type Executor
- func NewExecutor(codeqlBin string) (*Executor, error)
- func (e *Executor) CheckCodeQLAvailable() error
- func (e *Executor) RunQuery(database, query string) ([]CodeQLResult, error)
type Finding
type FunctionCode
type QueryEnricher
- func NewQueryEnricher(sourceDir string) *QueryEnricher
- func (e *QueryEnricher) EnrichResults(results []CodeQLResult, callGraph *CallGraph, validateCalls bool, ...) ([]Finding, error)
type ReachabilityAnalysis
type RelationshipType
type SourceCode

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CallGraph ¶

type CallGraph struct {
	// contains filtered or unexported fields
}

CallGraph represents function call relationships using a graph library

func BuildCallGraph ¶

func BuildCallGraph(functions []parser.Function) *CallGraph

BuildCallGraph creates a call graph from parsed functions

func (*CallGraph) AnalyzeReachability ¶

func (cg *CallGraph) AnalyzeReachability(sourceFuncName, targetFuncName string, maxDepth int) *ReachabilityAnalysis

AnalyzeReachability analyzes the reachability relationship between two functions This is the main entry point for interprocedural analysis

func (*CallGraph) AreConnected ¶

func (cg *CallGraph) AreConnected(func1, func2 string, maxDepth int) bool

AreConnected checks if two functions are connected in either direction

func (*CallGraph) FindCallChains ¶

func (cg *CallGraph) FindCallChains(from, to string, maxDepth int) [][]string

FindCallChains finds all call chains from 'from' to 'to' within maxDepth

func (*CallGraph) HasPath ¶

func (cg *CallGraph) HasPath(from, to string, maxDepth int) bool

HasPath checks if there's a path from 'from' function to 'to' function within maxDepth

func (*CallGraph) ValidateCallRelationship ¶

func (cg *CallGraph) ValidateCallRelationship(freeFuncName, useFuncName string, maxDepth int) *CallValidation

Legacy compatibility - maintain old function name for backward compatibility This wraps the new generic AnalyzeReachability function

type CallValidation ¶

type CallValidation = ReachabilityAnalysis

CallValidation is an alias for backward compatibility

type CodeQLResult ¶

type CodeQLResult struct {
	ObjName             string `json:"object"`
	FreeFunctionName    string `json:"free_func"`
	FreeFunctionFile    string `json:"free_file"`
	FreeFunctionDefLine int    `json:"free_func_def_ln"`
	FreeLine            int    `json:"free_ln"`
	UseFunctionName     string `json:"use_func"`
	UseFunctionFile     string `json:"use_file"`
	UseFunctionDefLine  int    `json:"use_func_def_ln"`
	UseLine             int    `json:"use_ln"`
}

type Executor ¶

type Executor struct {
	CodeQLBin string
}

func NewExecutor ¶

func NewExecutor(codeqlBin string) (*Executor, error)

func (*Executor) CheckCodeQLAvailable ¶

func (e *Executor) CheckCodeQLAvailable() error

func (*Executor) RunQuery ¶

func (e *Executor) RunQuery(database, query string) ([]CodeQLResult, error)

type Finding ¶

type Finding struct {
	CodeQLResult   CodeQLResult    `json:"codeql_result"`
	SourceCode     SourceCode      `json:"source_code"`
	CallValidation *CallValidation `json:"call_validation,omitempty"`
}

type FunctionCode ¶

type FunctionCode struct {
	DefinitionWithLineNumbers string `json:"def"`
	Snippet                   string `json:"snippet"`
}

type QueryEnricher ¶

type QueryEnricher struct {
	// contains filtered or unexported fields
}

QueryEnricher handles enriching CodeQL results with source code context

func NewQueryEnricher ¶

func NewQueryEnricher(sourceDir string) *QueryEnricher

NewQueryEnricher creates a new query enricher

func (*QueryEnricher) EnrichResults ¶

func (e *QueryEnricher) EnrichResults(results []CodeQLResult, callGraph *CallGraph, validateCalls bool, callDepth int, concurrency int) ([]Finding, error)

EnrichResults enriches CodeQL results with source code and validation using parallel processing

type ReachabilityAnalysis ¶

type ReachabilityAnalysis struct {
	IsValid       bool       `json:"valid"`
	Reason        string     `json:"reason"`
	CallChains    [][]string `json:"chains,omitempty"`
	CommonCallers []string   `json:"common_callers,omitempty"`
	Details       string     `json:"details,omitempty"`
	MinDepth      int        `json:"min_depth,omitempty"`
	MaxDepth      int        `json:"max_depth,omitempty"`
}

ReachabilityAnalysis contains the results of analyzing reachability between two functions JSON tags maintain backward compatibility with existing code expecting these field names

type RelationshipType ¶

type RelationshipType int

RelationshipType represents the type of relationship between functions

const (
	NoRelationship RelationshipType = iota
	SameFunction
	ForwardReachable  // source -> target
	BackwardReachable // target -> source
	CommonAncestor    // both reachable from common caller
)

type SourceCode ¶

type SourceCode struct {
	FreeFunction          FunctionCode   `json:"free_func"`
	UseFunction           FunctionCode   `json:"use_func"`
	IntermediateFunctions []FunctionCode `json:"inter_funcs"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL