github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Home Page: https://codeql.github.com

CodeQL is throwing errors while analyzing on a python flask app

spignelon opened this issue

Commands run:
codeql database create whitebox --language=python
codeql pack download codeql/python-queries
codeql database analyze whitebox/ --format=sarif-latest --output=whitebox_report

Error Message:

ERROR: In extension for codeql/python-all:sinkModel, extensible predicate 'sinkModel' does not exist in pack 'codeql/python-all'. (/home/byte/.codeql/packages/codeql/python-queries/0.9.15/.codeql/libraries/codeql/python-all/0.12.0/semmle/python/frameworks/Asyncpg.model.yml:1,1-1)
ERROR: In extension for codeql/python-all:sourceModel, extensible predicate 'sourceModel' does not exist in pack 'codeql/python-all'. (/home/byte/.codeql/packages/codeql/python-queries/0.9.15/.codeql/libraries/codeql/python-all/0.12.0/semmle/python/frameworks/data/internal/empty.model.yml:1,1-1)
ERROR: In extension for codeql/python-all:sinkModel, extensible predicate 'sinkModel' does not exist in pack 'codeql/python-all'. (/home/byte/.codeql/packages/codeql/python-queries/0.9.15/.codeql/libraries/codeql/python-all/0.12.0/semmle/python/frameworks/data/internal/empty.model.yml:1,1-1)
ERROR: In extension for codeql/python-all:summaryModel, extensible predicate 'summaryModel' does not exist in pack 'codeql/python-all'. (/home/byte/.codeql/packages/codeql/python-queries/0.9.15/.codeql/libraries/codeql/python-all/0.12.0/semmle/python/frameworks/data/internal/empty.model.yml:1,1-1)
A fatal error occurred: A 'codeql resolve extensions-by-pack' operation failed with error code 2

Files in the current directory:
https://termbin.com/gkhn

Operating System: Arch Linux

Thanks for reporting. Which version of CodeQL are you using?

CodeQL command-line toolchain release 2.16.5.

I get the same error with CodeQL 2.16.5, but with the latest version things seem to work fine. It appears the latest version of the query pack is not compatible with older versions of CodeQL.

Either:

  • download a recent CodeQL CLI, or
  • run an older version of the queries, for example codeql database analyze whitebox/ --format=sarif-latest --output=whitebox_report codeql/python-queries@0.9.13

Updating to the newer version fixed the issue, thank you.
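
For CI jobs that hit this failure, the check below recognises the error signature from this thread in captured `codeql` stderr and reports which downloaded pack versions are involved. It is an added example, not part of the original issue or the CodeQL project; `diagnose` and the regex names are hypothetical, and the sample input is the stderr quoted in the report above.

```python
import re
from collections import defaultdict

# The five stderr lines quoted in the issue above, embedded so the example runs offline.
SAMPLE_STDERR = """\
ERROR: In extension for codeql/python-all:sinkModel, extensible predicate 'sinkModel' does not exist in pack 'codeql/python-all'. (/home/byte/.codeql/packages/codeql/python-queries/0.9.15/.codeql/libraries/codeql/python-all/0.12.0/semmle/python/frameworks/Asyncpg.model.yml:1,1-1)
ERROR: In extension for codeql/python-all:sourceModel, extensible predicate 'sourceModel' does not exist in pack 'codeql/python-all'. (/home/byte/.codeql/packages/codeql/python-queries/0.9.15/.codeql/libraries/codeql/python-all/0.12.0/semmle/python/frameworks/data/internal/empty.model.yml:1,1-1)
ERROR: In extension for codeql/python-all:sinkModel, extensible predicate 'sinkModel' does not exist in pack 'codeql/python-all'. (/home/byte/.codeql/packages/codeql/python-queries/0.9.15/.codeql/libraries/codeql/python-all/0.12.0/semmle/python/frameworks/data/internal/empty.model.yml:1,1-1)
ERROR: In extension for codeql/python-all:summaryModel, extensible predicate 'summaryModel' does not exist in pack 'codeql/python-all'. (/home/byte/.codeql/packages/codeql/python-queries/0.9.15/.codeql/libraries/codeql/python-all/0.12.0/semmle/python/frameworks/data/internal/empty.model.yml:1,1-1)
A fatal error occurred: A 'codeql resolve extensions-by-pack' operation failed with error code 2
"""

# One "extensible predicate ... does not exist" error, with the model file path it points at.
ERR = re.compile(
    r"ERROR: In extension for [\w./-]+:(?P<pred>\w+), extensible predicate "
    r"'(?P=pred)' does not exist in pack '(?P<pack>[^']+)'\. "
    r"\((?P<path>.+?):\d+,\d+-\d+\)")
# Pack name and version as they appear in the download-cache path of each error.
QUERY_PACK = re.compile(r"/packages/(?P<name>[^/]+/[^/]+)/(?P<ver>[^/]+)/")
LIB_PACK = re.compile(r"/\.codeql/libraries/(?P<name>[^/]+/[^/]+)/(?P<ver>[^/]+)/")

def diagnose(stderr):
    """Return a summary of the pack/CLI mismatch, or None if the signature is absent."""
    missing = defaultdict(set)   # library pack@version -> predicates the CLI rejected
    query_packs = set()          # query pack@version whose cache holds that library
    for line in stderr.splitlines():
        m = ERR.search(line)
        if not m:
            continue
        q, lib = QUERY_PACK.search(m["path"]), LIB_PACK.search(m["path"])
        if q:
            query_packs.add(f"{q['name']}@{q['ver']}")
        # Fall back to the bare pack name if the path has an unexpected layout.
        key = f"{lib['name']}@{lib['ver']}" if lib else m["pack"]
        missing[key].add(m["pred"])
    if not missing:
        return None
    return {"query_packs": sorted(query_packs),
            "missing": {k: sorted(v) for k, v in missing.items()},
            "fatal": "resolve extensions-by-pack" in stderr}

if __name__ == "__main__":
    report = diagnose(SAMPLE_STDERR)
    for lib, preds in report["missing"].items():
        print(f"{lib} (via {', '.join(report['query_packs'])}): rejected {', '.join(preds)}")
    print("Upgrade the CodeQL CLI or pin an older query pack version, as suggested in the thread.")
```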