CodeQL library for C#
codeql/csharp-all 3.0.1-dev (changelog, source)
Search

Module CommandInjectionConfig

A taint-tracking configuration for command injection vulnerabilities.

Import path

import semmle.code.csharp.security.dataflow.CommandInjectionQuery

Predicates

isBarrier

Holds if data flow through node is prohibited. This completely removes node from the data flow graph.

isSink

Holds if sink is a relevant data flow sink.

isSource

Holds if source is a relevant data flow source.