CodeQL library for Go
codeql/go-all 2.1.4-dev

Module ExternalAPIs

Definitions for reasoning about untrusted data used in APIs defined outside the database.

Import path

import semmle.go.security.ExternalAPIs

Imports

go

Provides classes for working with Go programs.

Predicates

getAMethodModelInPackage

Gets the name of a method in package p which has a function model.

getAPackageWithFunctionModels

Gets the name of a package which has models for some functions.

getAPackageWithModels

Gets the name of a package which has models.

getAPackageWithSummarizedCallables

Gets the name of a package that has at least one SummarizedCallable.

isACommonSink

Holds if n is a sink for XSS, SQL injection or request forgery.

Classes

ExternalApiDataNode

A node representing data being passed to an external API.

ExternalApiUsedWithUntrustedData

An external API which is used with untrusted data.

SafeExternalApiArgument

A Function with one or more arguments that are considered “safe” from a security perspective.

SafeExternalApiFunction

A Function that is considered a “safe” external API from a security perspective.

UnknownExternalApiDataNode

A node representing data being passed to an unknown external API.

UntrustedExternalApiDataNode

A node representing untrusted data being passed to an external API.

Aliases

UntrustedDataToExternalApiFlow

Tracks data flow from ActiveThreatModelSources to ExternalApiDataNodes.

UntrustedDataToUnknownExternalApiFlow

Tracks data flow from ActiveThreatModelSources to UnknownExternalApiDataNodes.