Class ArgumentInjectionFromCommandSink

Holds if a Run step executes a command that returns untrusted data which flows to an unsafe argument e.g. run: | BODY=$(git log –format=%s) sed “s/FOO/$BODY/g” > /tmp/foo

Import path

import codeql.actions.security.ArgumentInjectionQuery

Direct supertypes

ArgumentInjectionSink

Indirect supertypes

Node
TNode

Fields

command

Predicates

getCommand

Inherited predicates

asExpr		from Node
getLocation		from Node
hasLocationInfo	Holds if this element is at the specified location. The location spans column `startcolumn` of line `startline` to column `endcolumn` of line `endline` in file `filepath`. For more information, see Locations.	from Node
toString	Gets a textual representation of this element.	from Node

Charpred

ArgumentInjectionFromCommandSink