CodeQL library for C/C++
Search

Module Security

Definitions related to security queries. These can be extended for specific code bases.

Import path

import semmle.code.cpp.security.Security

Imports

Environment

Reading from the environment, for example with ‘getenv’.

Expr

Provides classes modeling C/C++ expressions.

FlowSource

Provides classes for modeling functions that return data from (or send data to) potentially untrusted sources. To use this QL library, create a QL class extending DataFlowFunction with a characteristic predicate that selects the function or set of functions you are modeling. Within that class, override the predicates provided by RemoteFlowSourceFunction or RemoteFlowSinkFunction to match the flow within that function.

SecurityOptions

Security pack options.

Predicates

argv

The argv parameter to the main function

isProcessOperationArgument

Convenience accessor for SecurityOptions.isProcessOperationArgument

isPureFunction

Convenience accessor for SecurityOptions.isPureFunction

isUserInput

Convenience accessor for SecurityOptions.isUserInput

raisesPrivilege

Convenient accessor for SecurityOptions.raisesPrivilege

sqlArgument

Convenience accessor for SecurityOptions.sqlArgument

userInputArgument

Convenience accessor for SecurityOptions.userInputArgument

userInputReturned

Convenience accessor for SecurityOptions.userInputReturn

Classes

SecurityOptions

Extend this class to customize the security queries for a particular code base. Provide no constructor in the subclass, and override any methods that need customizing.