Module Security
Definitions related to security queries. These can be extended for specific code bases.
Import path
import semmle.code.cpp.security.Security
Imports
Environment | Reading from the environment, for example with ‘getenv’. |
Expr | Provides classes modeling C/C++ expressions. |
FlowSource | Provides classes for modeling functions that return data from (or send data to) potentially untrusted sources. To use this QL library, create a QL class extending |
SecurityOptions | Security pack options. |
Sql | Provides abstract classes for modeling functions that execute and escape SQL query strings. To extend this QL library, create a QL class extending |
Predicates
argv | The argv parameter to the main function |
isProcessOperationArgument | Convenience accessor for SecurityOptions.isProcessOperationArgument |
isPureFunction | Convenience accessor for SecurityOptions.isPureFunction |
isUserInput | Convenience accessor for SecurityOptions.isUserInput |
raisesPrivilege | Convenient accessor for SecurityOptions.raisesPrivilege |
sqlArgument | Convenience accessor for SecurityOptions.sqlArgument |
userInputArgument | Convenience accessor for SecurityOptions.userInputArgument |
userInputReturned | Convenience accessor for SecurityOptions.userInputReturn |
Classes
SecurityOptions | Extend this class to customize the security queries for a particular code base. Provide no constructor in the subclass, and override any methods that need customizing. |