CodeQL library for C/C++
Search

Module FlowSources

Provides classes representing various flow sources for taint tracking.

Import path

import semmle.code.cpp.security.FlowSources

Imports

DataFlow

Provides a library for local (intra-procedural) and global (inter-procedural) data flow analysis: deciding whether data can flow from a source to a sink. This library differs from the one in semmle.code.cpp.dataflow in that this library uses the IR (Intermediate Representation) library, which provides a more precise semantic representation of the program, whereas the other dataflow library uses the more syntax-oriented ASTs. This library should provide more accurate results than the AST-based library in most scenarios.

FlowSource

Provides classes for modeling functions that return data from (or send data to) potentially untrusted sources. To use this QL library, create a QL class extending DataFlowFunction with a characteristic predicate that selects the function or set of functions you are modeling. Within that class, override the predicates provided by RemoteFlowSourceFunction or RemoteFlowSinkFunction to match the flow within that function.

cpp

Provides classes and predicates for working with C/C++ code.

Classes

FlowSource

A data flow source of user input, whether local or remote.

LocalFlowSource

A data flow source of local user input.

RemoteFlowSink

A remote data flow sink.

RemoteFlowSource

A data flow source of remote user input.