Hi Buherátor, all, On Thu, Mar 06, 2025 at 10:15:08PM +0100, Buherátor wrote: > I also gave this a shot and came up with this query that uses > data-flow tracking and also uses StackVariableReachability as > suggested by Jordy. > I also wrote (much) about the development process to help tweaking the > query further:
Wow, this is amazing, and your write-up is a gem, thank you so much for working on all this and for sharing it! Just thinking out loud, but would it somehow be possible to continuously run Jordy's and/or Buherátor's CodeQL queries to prevent the reappearance of such issues? Maybe someone from CodeQL or GitHub Security Lab could chime in or help with this? Again, just thinking out loud. Thank you very much! With best regards, -- the Qualys Security Advisory team
