A Content
that should be implicitly regarded as tainted whenever an object with such Content
is itself tainted.
For example, if we had a type class Container { Contained field; }
, then by default a tainted
Container
and a Container
with a tainted Contained
stored in its field
are distinct.
If any(DataFlow::FieldContent fc | fc.getField().hasQualifiedName("Container", "field"))
was
included in this type however, then a tainted Container
would imply that its field
is also
tainted (but not vice versa).
Note that TaintTracking::Configuration
applies this behavior by default to array, collection,
map-key and map-value content, so that e.g. a tainted Map
is assumed to have tainted keys and values.
Import path
import semmle.code.java.dataflow.TaintTracking
Direct supertypes
Indirect supertypes
Known direct subtypes
Inherited predicates
getType | Gets the type of the contained data for the purpose of type pruning. | from Content |
hasLocationInfo | Holds if this element is at the specified location. The location spans column | from Content |
toString | Gets a textual representation of this element. | from Content |