Quickly learn CodeQL, an expressive language for code analysis, which helps you explore source code to find bugs and vulnerabilities. During this beginner-level course, you will learn to write queries in CodeQL and find critical security vulnerabilities that were identified in Das U-Boot, a popular open-source project.
Upon completion of the course, you'll be able to:
You will walk in the steps of our security researchers, and create:
See what you will cover in the course, and where to find documentation and help.
Set up your IDE for CodeQL development.
Run a CodeQL query. Learn how to submit your work for checking during this course.
Learn the basic structure of a CodeQL query. Modify a query to find the definition of a particular function.
See how source code is represented in the classes and predicates of the CodeQL standard library. Find the definitions of particular macros.
Declare multiple variables to represent different source code elements and learn how to describe relationships between them. Find calls to functions named
Declare multiple variables to represent different source code elements and learn how to describe relationships between them. Find invocations of macros named
Learn how to change which source code element is identified by your query. Find the expressions that correspond to macro invocations.
Learn how to declare temporary variables with the
exists keyword. Write your own CodeQL class to represent a set of interesting source code elements.
Learn how to use CodeQL to track the flow of tainted data through a program. Write a taint tracking query that find 9 RCE vulnerabilities!
All public courses on Learning Lab are free.