Module ConditionalBypassQuery
Provides a taint-tracking configuration for reasoning about user-controlled bypass of sensitive methods.
Import path
import semmle.code.csharp.security.dataflow.ConditionalBypassQuery
Imports
csharp | The default C# QL library. |
Predicates
conditionControlsMethod | Calls to a sensitive method that are controlled by a condition on the given expression. |
Classes
ConditionControllingSensitiveAction | An expression which is a condition which controls access to a sensitive action. |
RemoteSource | DEPRECATED: Use |
ReverseDnsSource | The result of a reverse dns may be user-controlled. |
Sanitizer | A sanitizer for user-controlled bypass of sensitive method. |
Sink | A data flow sink for user-controlled bypass of sensitive method. |
Source | A data flow source for user-controlled bypass of sensitive method. |
ThreatModelSource | A source supported by the current threat model. |
Aliases
ConditionalBypass | A taint-tracking module for user-controlled bypass of sensitive method. |