Module ConditionalBypassQuery
Provides a taint-tracking configuration for reasoning about user-controlled bypass of sensitive methods.
Import path
import semmle.code.csharp.security.dataflow.ConditionalBypassQuery
Imports
| csharp |
The default C# QL library. |
Predicates
| conditionControlsMethod |
Calls to a sensitive method that are controlled by a condition on the given expression. |
Classes
| ConditionControllingSensitiveAction |
An expression which is a condition which controls access to a sensitive action. |
| Configuration |
DEPRECATED: Use |
| RemoteSource |
A source of remote user input. |
| ReverseDnsSource |
The result of a reverse dns may be user-controlled. |
| Sanitizer |
A sanitizer for user-controlled bypass of sensitive method. |
| Sink |
A data flow sink for user-controlled bypass of sensitive method. |
| Source |
A data flow source for user-controlled bypass of sensitive method. |
Aliases
| ConditionalBypass |
A taint-tracking module for user-controlled bypass of sensitive method. |