hohnlab.org — Master Index

Welcome to the hohnlab.org master index. This page links to subprojects hosted here and on github.

CodeQL turns a source tree into a queryable database, applies a selected query pack to that database, and emits SARIF for downstream review. The detailed local workflow is documented in the CodeQL end-to-end report.

The local comparison uses two database creation modes:

• full trace / BMF: run the package build under CodeQL so real compiler invocations are observed;
• build-mode=none / BMN: let CodeQL infer the database from source discovery.

In the sampled corpus, full tracing produced many more successful database bundles and SARIF files. BMN can still produce much larger SARIF for some packages, especially when inferred extraction reaches source sets or diagnostics that the traced build did not cover. The end-to-end report is the best starting point for the size and coverage tradeoffs: CodeQL end-to-end report.

Components of the MRVA project (Multi-Repository-Variant-Analysis). A fancy term for running a (set of) queries across many repositories and viewing the result. This can be done by hand, from the shell, using a workstation-class machine – but that is exceedingly tedious. The purpose of this system is two-fold:

1. Allow quick deployment / testing on a single server-class machine
2. Serve as a basis for depoloyment across a cluster

The client machine parts:

• gh-mrva — Patched GitHub CLI extension for running multi-repo variant analysis (MRVA) from the command line.
• vscode-codeql — Patched CodeQL VS Code extension for CodeQL with MRVA support in VS Code.

The server machine / cluster parts:

• mrvacommander — common library
• mrvaserver — Go server; configures RabbitMQ, MinIO artifacts, HEPC DB store; HTTP API.
• mrvaagent — Go worker agent; processes queue work; uses MinIO artifacts and HEPC DB store.
• mrvahepc — HTTP endpoint for serving CodeQL databases and metadata (Python package). HTML

Development / server part coordination

• mrva-docker — Lima VM + Docker setup and container builds for the MRVA stack. HTML

These are links to CodeQL-related workshops; being workshops, the notes here are frequently lecture-style; they are intended to assist an instructor and may be of limited help in self study. That said, they bridge the gap (chasm) between introductory CodeQL documentation and the CodeQL reference documentation.

• codeql-cli-end-to-end — end-to-end CodeQL CLI usage and automation.
• codeql-workshop-sql-injection-java — dataflow modeling and SQL injection examples.
• codeql-dataflow-sql-injection — dataflow modeling and SQL injection examples.
• codeql-dataflow-sql-injection-go — Go port of the trivial SQL injection sample.
• codeql-dataflow-sql-injection-python — SQL injection and dataflow examples in Python.
• codeq-system-overview — codeql system / integration diagram
• codeql-intro-csharp — codeql system / integration explanation diagram
• codeql-intro-csharp — introductory CodeQL for C#.
• codeql-javascript-AST — queries and examples generating the CodeQL AST for JavaScript source
• codeql-lab — CodeQL lab is a large repository with the full CodeQL library source and samples that modify it.
• codeql-operational-view — operational view of CodeQL workflows.
• codeql-query-development-groups — different stages of codeql development / use arranged by interested groups (devops/admin vs. query writers)
• codeql-query-development — visual comparison of CodeQL query development sequence,
  1. from scratch
  2. using CI artifacts
• codeql-system-default-setup — Full system map, with configs hidden by default setup in grey.
• codeql-system — Full system map.
• codeql-workshop-dataflow-c — workshop: dataflow in C.
• codeql-workshop-sql-injection-java — workshop: SQL injection in Java.
• firefox — large-scale CodeQL demo database and metrics.

• codeql-info - guide to generating CodeQL docs from source, in various formats
• Building the documentation – this uses the full tree; the full tree is part of codeql-lab. Output formats supported by rst are listed in builders
• Direct Conversion RST -> Prompt by GPT