CodeQL library for C#
codeql/csharp-all 3.1.1 (changelog, source)
Search

Module ExternalAPIsQuery

Definitions for reasoning about untrusted data used in APIs defined outside the database.

Import path

import semmle.code.csharp.security.dataflow.ExternalAPIsQuery

Imports

csharp

The default C# QL library.

Classes

ExternalApiDataNode

A node representing data being passed to an external API.

ExternalApiUsedWithUntrustedData

An external API which is used with untrusted data.

SafeExternalApiCallable

A callable that is considered a “safe” external API from a security perspective.

UntrustedExternalApiDataNode

A node representing untrusted data being passed to an external API.

Aliases

RemoteSourceToExternalApi

A module for tracking flow from ActiveThreatModelSources to ExternalApiDataNodes.