CodeQL library for C#
codeql/csharp-all 1.0.3-dev (changelog, source)
Search

Module ResourceInjectionQuery

Provides a taint-tracking configuration for reasoning about untrusted user input used in resource descriptors.

Import path

import semmle.code.csharp.security.dataflow.ResourceInjectionQuery

Imports

csharp

The default C# QL library.

Classes

LocalSource

DEPRECATED: Use ThreatModelSource instead.

RemoteSource

DEPRECATED: Use ThreatModelSource instead.

Sanitizer

A sanitizer for untrusted user input used in resource descriptors.

Sink

A data flow sink for untrusted user input used in resource descriptors.

Source

A data flow source for untrusted user input used in resource descriptors.

SqlConnectionStringSink

An argument to the ConnectionString property on a data connection class.

TaintTrackingConfiguration

DEPRECATED: Use ResourceInjection instead.

ThreatModelSource

A source supported by the current threat model.

Aliases

ResourceInjection

A taint-tracking module for untrusted user input used in resource descriptors.