CodeQL library for C/C++
codeql/cpp-all 2.1.1 (changelog, source)

Module CommandExecution

Provides classes for modeling functions that execute new programs by interpreting string data as shell commands. To use this QL library, create a QL class extending CommandExecutionFunction with a characteristic predicate that selects the function or set of functions you are modeling. Within that class, override the hasCommandArgument predicate to indicate which parameters are interpreted as shell commands.

Import path

import semmle.code.cpp.models.interfaces.CommandExecution

Imports

FunctionInputsAndOutputs

Provides a set of QL classes for indicating dataflows through a particular parameter, return value, or qualifier, as well as flows at one level of pointer indirection.

Models

cpp

Provides classes and predicates for working with C/C++ code.

Classes

CommandExecutionFunction

A function, such as exec or popen, that starts a new process by interpreting a string as a shell command.
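
The steps in the module description, written out as an added example (not code from the CodeQL library itself): a model for a project-specific wrapper, followed by a review query that lists call sites where the command string is not a literal. The function name run_shell_command, its signature, and the query @id are assumptions made for illustration.

```ql
/**
 * @name Non-literal command passed to a command execution function
 * @description Lists call sites whose shell command string is built at run time.
 * @kind problem
 * @problem.severity warning
 * @id cpp/example/non-literal-shell-command
 */

import cpp
import semmle.code.cpp.models.interfaces.CommandExecution

/**
 * Models a project-specific wrapper (hypothetical name and signature):
 *
 *   int run_shell_command(const char *cmd, int flags);
 */
class RunShellCommandFunction extends CommandExecutionFunction {
  // Characteristic predicate: selects the function being modeled.
  RunShellCommandFunction() { this.hasGlobalName("run_shell_command") }

  override predicate hasCommandArgument(FunctionInput commandArg) {
    // The string that parameter 0 points to is what the shell interprets,
    // so the input is the dereference of the parameter, not the pointer value.
    commandArg.isParameterDeref(0)
  }
}

// Ranges over every CommandExecutionFunction model in scope, so the wrapper
// above is reported alongside any other models that are imported.
from FunctionCall call, CommandExecutionFunction f, FunctionInput commandArg, int i
where
  call.getTarget() = f and
  f.hasCommandArgument(commandArg) and
  commandArg.isParameterDeref(i) and
  // A literal command cannot carry run-time data; skip it to keep results short.
  not call.getArgument(i) instanceof StringLiteral
select call.getArgument(i),
  "This non-literal string is interpreted as a shell command by " + f.getName() + "."
```

Once the class is in scope, any query that reasons about CommandExecutionFunction treats the wrapper's first argument as a shell command without further changes.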