Module TaintTracking
Import path
import semmle.code.java.dataflow.TaintTracking
Predicates
defaultAdditionalTaintStep |
Holds if the additional step from |
defaultImplicitTaintRead |
Holds if default |
defaultTaintSanitizer |
Holds if |
forceCachingInSameStage | |
localAdditionalTaintStep |
Holds if taint can flow in one local step from |
localExprTaint |
Holds if taint can flow from |
localTaint |
Holds if taint can flow from |
localTaintStep |
Holds if taint can flow in one local step from |
Classes
AdditionalTaintStep |
A unit class for adding additional taint steps. |
AdditionalValueStep |
A unit class for adding additional value steps. |
Configuration |
A configuration of interprocedural taint tracking analysis. This defines sources, sinks, and any other configurable aspect of the analysis. Each use of the taint tracking library must define its own unique extension of this abstract class. |
FluentMethod |
A method that returns the exact value of its qualifier (e.g., |
ObjectOutputStreamVar |
A local variable that is assigned an |
TaintInheritingContent |
A |
TaintPreservingCallable |
A method or constructor that preserves taint. |
ValuePreservingMethod |
A method that returns the exact value of one of its parameters or the qualifier. |
Modules
Global |
Constructs a global taint tracking computation. |
GlobalWithState |
Constructs a global taint tracking computation using flow state. |
LocalTaintFlow |
Provides local taint flow restricted to a given set of sources and sinks. |
Make |
DEPRECATED: Use |
MakeWithState |
DEPRECATED: Use |
StringBuilderVarModule |
Predicate signatures
nodeSig |
Holds if |