CodeQL library for C#
codeql/csharp-all 1.0.3-dev (changelog, source)
Search

Module ConditionalBypassQuery

Provides a taint-tracking configuration for reasoning about user-controlled bypass of sensitive methods.

Import path

import semmle.code.csharp.security.dataflow.ConditionalBypassQuery

Imports

csharp

The default C# QL library.

Predicates

conditionControlsMethod

Calls to a sensitive method that are controlled by a condition on the given expression.

Classes

ConditionControllingSensitiveAction

An expression which is a condition which controls access to a sensitive action.

Configuration

DEPRECATED: Use ConditionalBypass instead.

RemoteSource

DEPRECATED: Use ThreatModelSource instead.

ReverseDnsSource

The result of a reverse dns may be user-controlled.

Sanitizer

A sanitizer for user-controlled bypass of sensitive method.

Sink

A data flow sink for user-controlled bypass of sensitive method.

Source

A data flow source for user-controlled bypass of sensitive method.

ThreatModelSource

A source supported by the current threat model.

Aliases

ConditionalBypass

A taint-tracking module for user-controlled bypass of sensitive method.