CodeQL library for Java/Kotlin
codeql/java-all 7.3.2 (changelog, source)
Index
Search

Module CommandLineQuery

Provides classes and methods common to queries java/command-line-injection, java/command-line-concatenation and their experimental derivatives.

Do not import this from a library file, in order to reduce the risk of unintentionally bringing a TaintTracking::Configuration into scope in an unrelated query.

Import path

import semmle.code.java.security.CommandLineQuery

Imports

java

Provides all default Java QL imports.

Predicates

execIsTainted

Implementation of ExecTainted.ql. It is extracted to a QLL so that it can be excluded from ExecUnescaped.ql to avoid reporting overlapping results.

Classes

CommandInjectionAdditionalTaintStep

A unit class for adding additional taint steps.

CommandInjectionSanitizer

A sanitizer for command injection vulnerabilities.

CommandInjectionSink

A sink for command injection vulnerabilities.

Modules

InputToArgumentToExecFlowConfig

A taint-tracking configuration for unvalidated user input that is used to run an external process.

LocalUserInputToArgumentToExecFlowConfig

A taint-tracking configuration for unvalidated local user input that is used to run an external process.

Aliases

InputToArgumentToExecFlow

Taint-tracking flow for unvalidated input that is used to run an external process.

LocalUserInputToArgumentToExecFlow

DEPRECATED: Use InputToArgumentToExecFlow instead and configure threat model sources to include local.

RemoteUserInputToArgumentToExecFlow

DEPRECATED: Use InputToArgumentToExecFlow instead.

RemoteUserInputToArgumentToExecFlowConfig

DEPRECATED: Use InputToArgumentToExecFlowConfig instead.