Module LDAPInjectionQuery
Provides a taint-tracking configuration for reasoning about unvalidated user input that is used to construct LDAP queries.
Import path
import semmle.code.csharp.security.dataflow.LDAPInjectionQuery
Imports
csharp | The default C# QL library. |
Classes
DirectoryEntryPathSink | An argument that sets the |
DirectorySearcherFilterSink | A argument that sets the |
LdapEncodeSanitizer | A call to a method which is named “LDAP*Encode”, which is likely to be an LDAP sanitizer. |
RemoteSource | DEPRECATED: Use |
Sanitizer | A sanitizer for unvalidated user input that is used to construct LDAP queries. |
SearchRequestFilterSink | A argument that sets the |
Sink | A data flow sink for unvalidated user input that is used to construct LDAP queries. |
Source | A data flow source for unvalidated user input that is used to construct LDAP queries. |
ThreatModelSource | A source supported by the current threat model. |
Modules
LdapInjectionConfig | A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries. |
Aliases
LdapInjection | A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries. |