CodeQL library for C#
codeql/csharp-all 5.1.4-dev (changelog, source)
Index
Search

Module SqlInjectionQuery

Provides a taint-tracking configuration for reasoning about SQL injection vulnerabilities.

Import path

import semmle.code.csharp.security.dataflow.SqlInjectionQuery

Imports

csharp

The default C# QL library.

Classes

LocalSource

DEPRECATED: Use ThreatModelSource instead.

RemoteSource

DEPRECATED: Use ThreatModelSource instead.

Sanitizer

A sanitizer for SQL injection vulnerabilities.

Sink

A sink for SQL injection vulnerabilities.

Source

A source specific to SQL injection vulnerabilities.

SqlInjectionExprSink

An SQL expression passed to an API call that executes SQL.

ThreatModelSource

A source supported by the current threat model.

Modules

SqlInjectionConfig

A taint-tracking configuration for SQL injection vulnerabilities.

Aliases

SqlInjection

A taint-tracking module for SQL injection vulnerabilities.