CodeQL library for Go
codeql/go-all 2.1.3 (changelog, source)
Search

Module StringBreak

Provides a taint tracking configuration for reasoning about unsafe-quoting vulnerabilities.

Import path

import semmle.go.security.StringBreak

Imports

StringBreak

Provides extension points for customizing the taint tracking configuration for reasoning about unsafe-quoting vulnerabilities.

Classes

Configuration

DEPRECATED: Use Flow instead.

Aliases

Flow

Tracks taint flow from untrusted data which may contain single or double quotes to uses where those quotes need to be escaped. The type of quote is accessible through the Sink.