CodeQL library for Java/Kotlin
codeql/java-all 4.0.1-dev (changelog, source)
Search

Module CleartextStorageQuery

Provides classes and predicates to reason about cleartext storage vulnerabilities.

Import path

import semmle.code.java.security.CleartextStorageQuery

Imports

java

Provides all default Java QL imports.

Classes

CleartextStorageAdditionalTaintStep

An additional taint step for sensitive data flowing into cleartext storage.

CleartextStorageSanitizer

A sanitizer for flows tracking sensitive data being stored in persistent storage.

CleartextStorageSink

A sink representing persistent storage that saves data in clear text.

SensitiveSource

Class for expressions that may represent ‘sensitive’ information

Storable

Class representing entities that may be stored/written, with methods for finding values that are stored within them, and cases of the entity being stored.