Add CI-Testing with course answers

Author: s0

.github/workflows/ci.yml

@@ -0,0 +1,16 @@
+name: Build and publish docker images to registry
+
+on: [push]
+
+jobs:
+  # TODO: make this use any changes in codeql-learninglab-check
+  test-courses-cpp-ctf-segv:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v1
+
+    - name: Build Course Docker Image
+      run: cd courses/cpp/ctf-segv/image && ./build.sh
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

codeql-learninglab-check/package/src/index.ts

@@ -22,6 +22,12 @@ const writeFile = promisify(fs.writeFile);
  */
 const RUN_ALL = process.env.RUN_ALL === 'true';
 
+/**
+ * Set to true to avoid using the GitHub API to post a comment
+ * (used when running the script in CI)
+ */
+const SKIP_COMMENT = process.env.SKIP_COMMENT === 'true';
+
 /**
  * The GITHUB_TOKEN secret
  */
@@ -97,13 +103,16 @@ function isConfig(config: any): config is Config {
 
   let comment = '';
 
-  const end = () =>
-    api.repos.createCommitComment({
-      body: comment,
-      owner: event.repository.owner.login,
-      repo: event.repository.name,
-      commit_sha: event.after
-    });
+  const end = () => {
+    if (!SKIP_COMMENT) {
+      api.repos.createCommitComment({
+        body: comment,
+        owner: event.repository.owner.login,
+        repo: event.repository.name,
+        commit_sha: event.after
+      });
+    }
+  }
 
   /**
    * File paths changed by the user (if we're not just running all queries)

courses/cpp/ctf-segv/answers/01_function_definitions.ql

@@ -0,0 +1,11 @@
+/**
+ * @name 00_alloca_definition
+ * @description Find the definition of the alloca macro
+ * @kind problem
+ */
+
+import cpp
+
+from Function f
+where f.getName() = "getchar"
+select f, "a getchar function"

courses/cpp/ctf-segv/answers/02_alloca_definition.ql

@@ -0,0 +1,12 @@
+/**
+ * @name 01_alloca_definition
+ * @description Find the definition of the alloca macro
+ * @kind problem
+ * @problem.severity warning
+ */
+
+import cpp
+
+from Macro alloca
+where alloca.getName() = "alloca"
+select alloca, "alloca macro"

courses/cpp/ctf-segv/answers/03_alloca.ql

@@ -0,0 +1,12 @@
+/**
+ * @name 10_alloca
+ * @description Find all calls to alloca
+ * @kind problem
+ * @problem.severity warning
+ */
+
+import cpp
+
+from FunctionCall alloca
+where alloca.getTarget().getName() = "__builtin_alloca"
+select alloca, "call to alloca"

courses/cpp/ctf-segv/answers/04_alloca_ignore_small.ql

@@ -0,0 +1,16 @@
+/**
+ * @name 11_alloca_ignore_small
+ * @description Find all calls to alloca, with small allocation sizes filtered out.
+ * @kind problem
+ * @problem.severity warning
+ */
+
+import cpp
+import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
+
+from FunctionCall alloca, Expr sizeArg
+where
+  alloca.getTarget().getName() = "__builtin_alloca" and
+  sizeArg = alloca.getArgument(0) and
+  (lowerBound(sizeArg) < 0 or 65536 <= upperBound(sizeArg))
+select alloca, "call to alloca"

courses/cpp/ctf-segv/answers/05_use_alloca.ql

@@ -0,0 +1,13 @@
+/**
+ * @name 20_use_alloca
+ * @description Find all calls to __libc_use_alloca
+ * @kind problem
+ * @problem.severity warning
+ */
+
+import cpp
+import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
+
+from FunctionCall call
+where call.getTarget().getName() = "__libc_use_alloca"
+select call, "call to __libc_use_alloca"

courses/cpp/ctf-segv/answers/06_use_alloca_guard.ql

@@ -0,0 +1,15 @@
+/**
+ * @name 21_use_alloca_guard
+ * @description Find all guard conditions where the condition is a call to
+ *              __libc_use_alloca.
+ * @kind problem
+ * @problem.severity warning
+ */
+
+import cpp
+import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
+import semmle.code.cpp.controlflow.Guards
+
+from GuardCondition guard
+where guard.(FunctionCall).getTarget().getName() = "__libc_use_alloca"
+select guard, "__libc_use_alloca guard"

courses/cpp/ctf-segv/answers/07_use_alloca_guard.ql

@@ -0,0 +1,19 @@
+/**
+ * @name 22_use_alloca_guard
+ * @description Find all guard conditions where the condition is a call to
+ *              __libc_use_alloca.
+ * @kind problem
+ * @problem.severity warning
+ */
+
+import cpp
+import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
+import semmle.code.cpp.controlflow.Guards
+import semmle.code.cpp.dataflow.DataFlow
+
+from DataFlow::Node source, DataFlow::Node sink
+where
+  source.asExpr().(FunctionCall).getTarget().getName() = "__libc_use_alloca" and
+  sink.asExpr() instanceof GuardCondition and
+  DataFlow::localFlow(source, sink)
+select sink, "__libc_use_alloca guard"

courses/cpp/ctf-segv/answers/08_use_alloca_guard.ql

@@ -0,0 +1,25 @@
+/**
+ * @name 23_use_alloca_guard
+ * @description Find all guard conditions where the condition is a call to
+ *              __libc_use_alloca.
+ * @kind problem
+ * @problem.severity warning
+ */
+
+import cpp
+import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
+import semmle.code.cpp.controlflow.Guards
+import semmle.code.cpp.dataflow.DataFlow
+
+DataFlow::Node use_alloca() {
+  result.asExpr().(FunctionCall).getTarget().getName() = "__libc_use_alloca"
+  or
+  result.asExpr().(FunctionCall).getTarget().getName() = "__builtin_expect" and
+  result.asExpr().(FunctionCall).getArgument(0) = use_alloca().asExpr()
+  or
+  DataFlow::localFlow(use_alloca(), result)
+}
+
+from GuardCondition guard
+where guard = use_alloca().asExpr()
+select guard, "__libc_use_alloca guard"