CodeQL library for C#
codeql/csharp-all 0.4.4 (changelog, source)
Search

Module ConditionalBypassQuery

Provides a taint-tracking configuration for reasoning about user-controlled bypass of sensitive methods.

Import path

import semmle.code.csharp.security.dataflow.ConditionalBypassQuery

Imports

csharp

The default C# QL library.

Predicates

conditionControlsMethod

Calls to a sensitive method that are controlled by a condition on the given expression.

Classes

ConditionControllingSensitiveAction

An expression which is a condition which controls access to a sensitive action.

Configuration

A taint-tracking configuration for user-controlled bypass of sensitive method.

RemoteSource

A source of remote user input.

ReverseDnsSource

The result of a reverse dns may be user-controlled.

Sanitizer

A sanitizer for user-controlled bypass of sensitive method.

Sink

A data flow sink for user-controlled bypass of sensitive method.

Source

A data flow source for user-controlled bypass of sensitive method.