Module StringBreak

Provides extension points for customizing the taint tracking configuration for reasoning about unsafe-quoting vulnerabilities.

Import path

import semmle.go.security.StringBreakCustomizations

JsonMarshalAsSource	A call to `json.Marshal`, considered as a taint source for unsafe quoting.
Quote	A (single or double) quote.
ReplaceSanitizer	An expression that is equivalent to `strings.ReplaceAll(s, old, new)`, considered as a sanitizer for unsafe quoting.
Sanitizer	A sanitizer for unsafe-quoting vulnerabilities.
Sink	A data flow sink for unsafe-quoting vulnerabilities.
Source	A data flow source for unsafe-quoting vulnerabilities.
StringConcatenationAsSink	A string concatenation with quotes, considered as a taint sink for unsafe quoting.
UnmarshalSanitizer	A call to `json.Unmarshal`, considered as a sanitizer for unsafe quoting.