Module ConditionalBypassQuery
Provides a taint-tracking configuration for reasoning about user-controlled bypass of sensitive methods.
Import path
import semmle.code.csharp.security.dataflow.ConditionalBypassQueryImports
| csharp | The default C# QL library. |
Predicates
| conditionControlsMethod | Calls to a sensitive method that are controlled by a condition on the given expression. |
Classes
| ConditionControllingSensitiveAction | An expression which is a condition which controls access to a sensitive action. |
| RemoteSource | DEPRECATED: Use |
| ReverseDnsSource | The result of a reverse dns may be user-controlled. |
| Sanitizer | A sanitizer for user-controlled bypass of sensitive method. |
| Sink | A data flow sink for user-controlled bypass of sensitive method. |
| Source | A data flow source for user-controlled bypass of sensitive method. |
| ThreatModelSource | A source supported by the current threat model. |
Aliases
| ConditionalBypass | A taint-tracking module for user-controlled bypass of sensitive method. |