CodeQL library for C#
codeql/csharp-all 0.4.4 (changelog, source)
Search

Module LDAPInjectionQuery

Provides a taint-tracking configuration for reasoning about unvalidated user input that is used to construct LDAP queries.

Import path

import semmle.code.csharp.security.dataflow.LDAPInjectionQuery

Imports

csharp

The default C# QL library.

Classes

DirectoryEntryPathSink

An argument that sets the Path property of a DirectoryEntry object that is a sink for LDAP injection.

DirectorySearcherFilterSink

A argument that sets the Filter property of a DirectorySearcher object that is a sink for LDAP injection.

LdapEncodeSanitizer

A call to a method which is named “LDAP*Encode”, which is likely to be an LDAP sanitizer.

RemoteSource

A source of remote user input.

Sanitizer

A sanitizer for unvalidated user input that is used to construct LDAP queries.

SearchRequestFilterSink

A argument that sets the Filter property of a SearchRequest object that is a sink for LDAP injection.

Sink

A data flow sink for unvalidated user input that is used to construct LDAP queries.

Source

A data flow source for unvalidated user input that is used to construct LDAP queries.

TaintTrackingConfiguration

A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries.

Aliases

LDAPEncodeSanitizer

DEPRECATED: Alias for LdapEncodeSanitizer