Module Security
Definitions related to security queries. These can be extended for specific code bases.
Import path
import semmle.code.cpp.security.Security
Imports
Environment |
Reading from the environment, for example with ‘getenv’. |
Expr |
Provides classes modeling C/C++ expressions. |
FlowSource |
Provides classes for modeling functions that return data from (or send data to) potentially untrusted sources. To use this QL library, create a QL class extending |
SecurityOptions |
Security pack options. |
Sql |
Provides abstract classes for modeling functions that execute and escape SQL query strings. To extend this QL library, create a QL class extending |
Predicates
argv |
The argv parameter to the main function |
isProcessOperationArgument |
Convenience accessor for SecurityOptions.isProcessOperationArgument |
isPureFunction |
Convenience accessor for SecurityOptions.isPureFunction |
isUserInput |
Convenience accessor for SecurityOptions.isUserInput |
raisesPrivilege |
Convenient accessor for SecurityOptions.raisesPrivilege |
sqlArgument |
Convenience accessor for SecurityOptions.sqlArgument |
userInputArgument |
Convenience accessor for SecurityOptions.userInputArgument |
userInputReturned |
Convenience accessor for SecurityOptions.userInputReturn |
Classes
SecurityOptions |
Extend this class to customize the security queries for a particular code base. Provide no constructor in the subclass, and override any methods that need customizing. |