CodeQL library for Java/Kotlin
codeql/java-all 4.1.1-dev (changelog, source)
Search

Module TaintTrackingUtil

Import path

import semmle.code.java.dataflow.internal.TaintTrackingUtil

Imports

Cached
FlowSteps

Provides classes representing various flow steps for taint tracking.

Predicates

defaultImplicitTaintRead

Holds if default TaintTracking::Configurations should allow implicit reads of c at sinks and inputs to additional taint steps.

localExprTaint

Holds if taint can flow from src to sink in zero or more local (intra-procedural) steps.

localTaint

Holds if taint can flow from src to sink in zero or more local (intra-procedural) steps.

Classes

ObjectOutputStreamVar

A local variable that is assigned an ObjectOutputStream. Writing tainted data to such a stream causes the underlying OutputStream to be tainted.

Modules

LocalTaintFlow

Provides local taint flow restricted to a given set of sources and sinks.

StringBuilderVarModule

Predicate signatures

nodeSig

Holds if node is an endpoint for local taint flow.