CodeQL library for C#
codeql/csharp-all 0.6.2 ( changelog , source )
Search

Module CommandInjectionQuery

Provides a taint-tracking configuration for reasoning about command injection vulnerabilities.

Import path

import semmle.code.csharp.security.dataflow.CommandInjectionQuery

Imports

csharp

The default C# QL library.

Classes

RemoteSource

A source of remote user input.

Sanitizer

A sanitizer for user input treated as code vulnerabilities.

Sink

A sink for command injection vulnerabilities.

Source

A source specific to command injection vulnerabilities.

SystemProcessCommandInjectionSink

A sink in System.Diagnostic.Process or its related classes.

TaintTrackingConfiguration

DEPRECATED: Use CommandInjection instead.

Modules

CommandInjectionConfig

A taint-tracking configuration for command injection vulnerabilities.

Aliases

CommandInjection

A taint-tracking module for command injection vulnerabilities.