Module CommandExecution
Provides definitions related to execution of commands.
Import path
import semmle.code.cpp.security.CommandExecution
Imports
Alias | Provides an abstract class for accurate alias modeling of library functions when source code is not available. To use this QL library, create a QL class extending
CommandExecution | Provides classes for modeling functions that execute new programs by interpreting string data as shell commands. To use this QL library, create a QL class extending
FunctionWithWrappers | Provides predicates for identifying functions that wrap other functions, passing the same arguments from the outer call into the inner call. In the following example
SideEffect | Provides an abstract class for accurate dataflow modeling of library functions when source code is not available. To use this QL library, create a QL class extending
cpp | Provides classes and predicates for working with C/C++ code.
Predicates
shellCommand | A command that is used as a command, or component of a command, that will be executed by a general-purpose command interpreter such as sh or cmd.exe.
shellCommandPreface | The name of a shell and the flag used to preface a command that should be parsed. Public for testing purposes.
Classes
ArrayExecFunctionCall | A function for running a command using an array of arguments. Note that FunctionWithWrappers does not support tracking multiple interesting arguments all the way to the call site.
SystemFunction | A function for running a command using a command interpreter.
VarargsExecFunctionCall | A function for running a command via varargs. Note that, at the time of writing, FunctionWithWrappers doesn’t really support varargs arguments, because it requires a finite version of interestingArg().