Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

A problem about how to find a calltrace through a method #17872

Closed
whyaicn opened this issue Oct 30, 2024 · 2 comments
Closed

A problem about how to find a calltrace through a method #17872

whyaicn opened this issue Oct 30, 2024 · 2 comments
Labels
question Further information is requested

Comments

@whyaicn
Copy link

whyaicn commented Oct 30, 2024

hello everyone! I want to use CodeQL to implement the following functions:
Given a package name, class name, and method name, I want to use this method as the Sink point (the Sink point is the method itself, not a parameter of the method), find all the source points of this method (the source is also a method, but I don't know the package name, class name, and method name of the method), and the corresponding path (the path is composed of methods). My current solution is to use the following template:

/**
* This is an automatically generated file
* @name Hello world
* @kind problem
* @problem.severity warning
* @id java/example/hello-world
*/
import java
from MethodCall mc
where mc.getCallee().hasQualifiedName("{package}", "{className}", "{methodName}")
select mc, "targetMethod"

I use Python to replace {package}, {className}, {Method} with my method, and then execute this ql file using Python to obtain the corresponding result. Finally, I replace {package}, {className}, {Method} with the result and execute this. ql file again until the result is empty.
But this method consumes a bit more time (on average, each project takes about 6 hours), and I need to analyze nearly 300 projects like this. Is there any way to reduce time consumption
Or can I use multithreading? However, due to the existence of locks , it seems that CodeQL does not support multithreading.

@whyaicn whyaicn added the question Further information is requested label Oct 30, 2024
@whyaicn whyaicn changed the title A problem about how to find a calltrace through a A problem about how to find a calltrace through a method Oct 30, 2024
@mbg
Copy link
Member

mbg commented Oct 31, 2024

Hi @whyaicn,

This sort of question gets asked routinely and you can find quite a few issues about this with answers for them on this repository. For example, #17457 is a recent one with a number of answers.

@whyaicn
Copy link
Author

whyaicn commented Nov 1, 2024

Thank you for your help. I will take a look at this issue tomorrow. If there are any questions, I will ask again

@whyaicn whyaicn closed this as completed Nov 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants