CodeQL library for C/C++
codeql/cpp-all 2.0.3-dev (changelog, source)
Search

Module FlowSource

Provides classes for modeling functions that return data from (or send data to) potentially untrusted sources. To use this QL library, create a QL class extending DataFlowFunction with a characteristic predicate that selects the function or set of functions you are modeling. Within that class, override the predicates provided by RemoteFlowSourceFunction or RemoteFlowSinkFunction to match the flow within that function.

Import path

import semmle.code.cpp.models.interfaces.FlowSource

Imports

ExternalFlow

INTERNAL use only. This is an experimental API subject to change without notice.

FunctionInputsAndOutputs

Provides a set of QL classes for indicating dataflows through a particular parameter, return value, or qualifier, as well as flows at one level of pointer indirection.

Models
cpp

Provides classes and predicates for working with C/C++ code.

Classes

LocalFlowSourceFunction

A library function that returns data that is directly controlled by a user.

RemoteFlowSinkFunction

A library function that sends data over a network connection.

RemoteFlowSourceFunction

A library function that returns data that may be read from a network connection.