Can anyone tell me the CodeQL query to generate the path of source to sink when you have source and sink JSON files? Please provide some insights.
Replies: 1 comment 1 reply
CodeQL's dataflow library links dataflow steps together to form paths that start in a source and end in a sink. The dataflow library has many built-in steps that model the semantics of the analysed programming language. However, there are no steps for JSON because JSON files are typically static files without any flow. It could be that for your use case the JSON files are not just static data, for example if you use JSON to describe the API of a web service. In such cases you may need to define "additional flow steps" to link some node in the JSON file to a node in the program code. Once you have made that step, CodeQL should be able to follow the flow further throughout the program using its built-in flow steps. Could you describe your use case? What do the JSON files look like? Also, give an example of a path you would like CodeQL to find.
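A path query with an additional flow step, as an added example that is not part of the original thread or of the CodeQL project's own queries. It assumes a Java database; the class `com.example.config.JsonSettings` and its `get` method are hypothetical stand-ins for a JSON-backed lookup the built-in steps do not model, and the source and sink are placeholders to be replaced with your own definitions.

```ql
/**
 * @name Request data reaching Runtime.exec via JSON settings (added example)
 * @kind path-problem
 * @problem.severity warning
 * @id java/example/json-settings-to-exec
 */

import java
import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.dataflow.FlowSources

module JsonSettingsConfig implements DataFlow::ConfigSig {
  // Placeholder source: any remote input the Java library already models.
  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }

  // Placeholder sink: the first argument of java.lang.Runtime.exec(...).
  predicate isSink(DataFlow::Node sink) {
    exists(MethodCall exec |
      exec.getMethod().hasName("exec") and
      exec.getMethod().getDeclaringType().hasQualifiedName("java.lang", "Runtime") and
      sink.asExpr() = exec.getArgument(0)
    )
  }

  // Additional flow step: bridge the gap the built-in steps do not cover.
  // Assumption: JsonSettings is a hypothetical wrapper around parsed JSON, so a
  // value read with settings.get(...) is treated as flowing from `settings`.
  predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
    exists(MethodCall get |
      get.getMethod().hasName("get") and
      get.getMethod().getDeclaringType().hasQualifiedName("com.example.config", "JsonSettings") and
      pred.asExpr() = get.getQualifier() and
      succ.asExpr() = get
    )
  }
}

module JsonSettingsFlow = TaintTracking::Global<JsonSettingsConfig>;

// PathGraph supplies the edges that let the result viewer render each path.
import JsonSettingsFlow::PathGraph

from JsonSettingsFlow::PathNode source, JsonSettingsFlow::PathNode sink
where JsonSettingsFlow::flowPath(source, sink)
select sink.getNode(), source, sink, "Value from $@ reaches Runtime.exec.", source.getNode(),
  "this source"
```

The `@kind path-problem` metadata and the `PathGraph` import are what make the results show the full source-to-sink path rather than only the sink location.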