Additional Resources
Publications
Trail of Bits blog posts on CodeQL
- Look out! Divergent representations are everywhere!
- Finding unhandled errors using CodeQL
- Detecting iterator invalidation with CodeQL
Learning resources for CodeQL
Writing custom CodeQL queries
- Practical introduction to CodeQL
- Security code reviewing with CodeQL
- Sharing security expertise through CodeQL packs (Part I)
Using CodeQL for vulnerability discovery
- Clang checkers and CodeQL queries for detecting untrusted pointer derefs and tainted loop conditions
- Vulnerability digging with CodeQL
- Make memcpy safe again: CodeQL