Module Security

Definitions related to security queries. These can be extended for specific code bases.

Import path

import semmle.code.cpp.security.Security

Imports

Environment	Reading from the environment, for example with ‘getenv’.
Expr	Provides classes modeling C/C++ expressions.
FlowSource	Provides classes for modeling functions that return data from (or send data to) potentially untrusted sources. To use this QL library, create a QL class extending `DataFlowFunction` with a characteristic predicate that selects the function or set of functions you are modeling. Within that class, override the predicates provided by `RemoteFlowSourceFunction` or `RemoteFlowSinkFunction` to match the flow within that function.
SecurityOptions	Security pack options.
Sql	Provides abstract classes for modeling functions that execute and escape SQL query strings. To extend this QL library, create a QL class extending `SqlExecutionFunction` or `SqlEscapeFunction` with a characteristic predicate that selects the function or set of functions you are modeling. Within that class, override the predicates provided by the class to match the way a parameter flows into the function and, in the case of `SqlEscapeFunction`, out of the function.

Predicates

argv	The argv parameter to the main function
isProcessOperationArgument	Convenience accessor for SecurityOptions.isProcessOperationArgument
isPureFunction	Convenience accessor for SecurityOptions.isPureFunction
isUserInput	Convenience accessor for SecurityOptions.isUserInput
raisesPrivilege	Convenient accessor for SecurityOptions.raisesPrivilege
sqlArgument	Convenience accessor for SecurityOptions.sqlArgument
userInputArgument	Convenience accessor for SecurityOptions.userInputArgument
userInputReturned	Convenience accessor for SecurityOptions.userInputReturn

Classes

SecurityOptions

Extend this class to customize the security queries for a particular code base. Provide no constructor in the subclass, and override any methods that need customizing.