CodeQL library for Go

codeql/go-all 0.7.13 (changelog, source)

Module ExternalAPIs

Definitions for reasoning about untrusted data used in APIs defined outside the database.

Import path

import semmle.go.security.ExternalAPIs

Imports

go	Provides classes for working with Go programs.

Predicates

getAMethodModelInPackage	Gets the name of a method in package `p` which has a function model.
getAPackageWithFunctionModels	Gets the name of a package which has models for some functions.
getAPackageWithModels	Gets the name of a package which has models.
getAPackageWithSummarizedCallables	Gets the name of a package that has at least one SummarizedCallable.
isACommonSink	Holds if `n` is a sink for XSS, SQL injection or request forgery.

Classes

ExternalApiDataNode	A node representing data being passed to an external API.
ExternalApiUsedWithUntrustedData	An external API which is used with untrusted data.
SafeExternalApiArgument	A `Function` with one or more arguments that are considered “safe” from a security perspective.
SafeExternalApiFunction	A `Function` that is considered a “safe” external API from a security perspective.
UnknownExternalApiDataNode	A node representing data being passed to an unknown external API.
UntrustedDataToExternalApiConfig	DEPRECATED: Use `UntrustedDataToExternalApiFlow` instead.
UntrustedDataToUnknownExternalApiConfig	DEPRECATED: Use `UntrustedDataToUnknownExternalApiFlow` instead.
UntrustedExternalApiDataNode	A node representing untrusted data being passed to an external API.

Aliases

UntrustedDataToExternalApiFlow	Tracks data flow from `RemoteFlowSource`s to `ExternalApiDataNode`s.
UntrustedDataToUnknownExternalApiFlow	Tracks data flow from `RemoteFlowSource`s to `UnknownExternalApiDataNode`s.