CodeQL library for Go
codeql/go-all 2.1.3 (changelog, source)
Search

Module CommandInjection

Provides a taint tracking configuration for reasoning about command injection vulnerabilities.

Import path

import semmle.go.security.CommandInjection

Imports

CommandInjection

Provides extension points for customizing the taint tracking configuration for reasoning about command injection vulnerabilities.

Aliases

DoubleDashSanitizingFlow

Tracks taint flow for reasoning about command-injection vulnerabilities with sinks which are sanitized by --.

Flow

Tracks taint flow for reasoning about command-injection vulnerabilities with sinks which are not sanitized by --.