Module CommandInjection
Provides extension points for customizing the taint tracking configuration for reasoning about command injection vulnerabilities.
Import path
import semmle.go.security.CommandInjectionCustomizations
Classes
CommandNameAsSink | A command name, considered as a taint sink for command injection. |
NoDoubleDashPrefixSanitizer | A call that confirms that the string does not start with |
RegexpCheckBarrierAsSanitizer | A call to a regexp match function, considered as a barrier guard for command injection. |
Sanitizer | A sanitizer for command-injection vulnerabilities. |
Sink | A data flow sink for command-injection vulnerabilities. |
Source | A data flow source for command-injection vulnerabilities. |
UntrustedFlowAsSource | DEPRECATED: Use |