CodeQL library for C/C++
codeql/cpp-all 0.4.4 (changelog, source)

Module TaintTracking2

Provides a TaintTracking2 module, which is a copy of the TaintTracking module. Use this class when data-flow configurations or taint-tracking configurations must depend on each other. Two classes extending DataFlow::Configuration should never depend on each other, but one of them should instead depend on a DataFlow2::Configuration, a DataFlow3::Configuration, or a DataFlow4::Configuration. The TaintTracking::Configuration class extends DataFlow::Configuration, and TaintTracking2::Configuration extends DataFlow2::Configuration.

See semmle.code.cpp.dataflow.TaintTracking for the full documentation.

Import path

import semmle.code.cpp.dataflow.TaintTracking2



Provides an implementation of global (interprocedural) taint tracking. This file re-exports the local (intraprocedural) taint-tracking analysis from TaintTrackingParameter::Public and adds a global analysis, mainly exposed through the Configuration class. For some languages, this file exists in several identical copies, allowing queries to use multiple Configuration classes that depend on each other without introducing mutual recursion among those configurations.