For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

LDAPInjectionQuery

Module LDAPInjectionQuery

Provides a taint-tracking configuration for reasoning about unvalidated user input that is used to construct LDAP queries.


                                import semmle.code.csharp.security.dataflow.LDAPInjectionQuery

The default C# QL library.

DirectoryEntryPathSink	An argument that sets the `Path` property of a `DirectoryEntry` object that is a sink for LDAP injection.
DirectorySearcherFilterSink	A argument that sets the `Filter` property of a `DirectorySearcher` object that is a sink for LDAP injection.
LdapEncodeSanitizer	A call to a method which is named “LDAP*Encode”, which is likely to be an LDAP sanitizer.
RemoteSource	A source of remote user input.
Sanitizer	A sanitizer for unvalidated user input that is used to construct LDAP queries.
SearchRequestFilterSink	A argument that sets the `Filter` property of a `SearchRequest` object that is a sink for LDAP injection.
Sink	A data flow sink for unvalidated user input that is used to construct LDAP queries.
Source	A data flow source for unvalidated user input that is used to construct LDAP queries.
TaintTrackingConfiguration	DEPRECATED: Use `LdapInjection` instead.

A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries.

LDAPEncodeSanitizer	DEPRECATED: Alias for LdapEncodeSanitizer
LdapInjection	A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries.