Module TaintTrackingImpl
DEPRECATED: we now use semmle.code.cpp.ir.dataflow.DefaultTaintTracking
,
which is based on the IR but designed to behave similarly to this old
library.
Provides the implementation of semmle.code.cpp.security.TaintTracking
. Do
not import this file directly.
Import path
import semmle.code.cpp.security.TaintTrackingImpl
Imports
Predicates
globalVarFromId | |
resolveCall |
Resolve potential target function(s) for |
tainted |
A tainted expression is either directly user input, or is computed from user input in a way that users can probably control the exact output of the computation. |
taintedIncludingGlobalVars |
A tainted expression is either directly user input, or is computed from user input in a way that users can probably control the exact output of the computation. |
Classes
DataSensitiveCallExpr |
A data sensitive call expression. |
DataSensitiveExprCall |
Call through a function pointer. |
DataSensitiveOverriddenFunctionCall |
Call to a virtual function. |
FlowLocalScopeVariable |
A local scope variable for which flow through is allowed. |
FlowVariable |
A variable for which flow through is allowed. |