CodeQL library for C#
codeql/csharp-all 3.1.2-dev (changelog, source)
Search

Module LDAPInjectionQuery

Provides a taint-tracking configuration for reasoning about unvalidated user input that is used to construct LDAP queries.

Import path

import semmle.code.csharp.security.dataflow.LDAPInjectionQuery

Imports

csharp

The default C# QL library.

Classes

DirectoryEntryPathSink

An argument that sets the Path property of a DirectoryEntry object that is a sink for LDAP injection.

DirectorySearcherFilterSink

A argument that sets the Filter property of a DirectorySearcher object that is a sink for LDAP injection.

LdapEncodeSanitizer

A call to a method which is named “LDAP*Encode”, which is likely to be an LDAP sanitizer.

RemoteSource

DEPRECATED: Use ThreadModelSource instead.

Sanitizer

A sanitizer for unvalidated user input that is used to construct LDAP queries.

SearchRequestFilterSink

A argument that sets the Filter property of a SearchRequest object that is a sink for LDAP injection.

Sink

A data flow sink for unvalidated user input that is used to construct LDAP queries.

Source

A data flow source for unvalidated user input that is used to construct LDAP queries.

ThreatModelSource

A source supported by the current threat model.

Modules

LdapInjectionConfig

A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries.

Aliases

LdapInjection

A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries.