CodeQL library for Java
codeql/java-all 0.5.5 ( changelog , source )

Module CommandLineQuery

Provides classes and methods common to queries java/command-line-injection, java/command-line-concatenation and their experimental derivatives.

Do not import this module from a library (.qll) file; import it only from the query that needs it. Importing it from a shared library risks unintentionally bringing its TaintTracking::Configuration into scope in an unrelated query.

Import path

import semmle.code.java.security.CommandLineQuery

Imports

CommandArguments

Definitions for reasoning about lists and arrays that are to be used as arguments to an external process.

ExternalProcess

Definitions related to external processes.

FlowSources

Provides classes representing various flow sources for taint tracking.

Predicates

execTainted

Implementation of ExecTainted.ql. It is extracted into a QLL so that ExecUnescaped.ql can exclude the results it reports, avoiding duplicate alerts for the same call.

Classes

RemoteUserInputToArgumentToExecFlowConfig

A taint-tracking configuration for unvalidated user input that is used to run an external process.
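The following query shows how a query file (not a library file) consumes this module, covering both the execTainted predicate and the RemoteUserInputToArgumentToExecFlowConfig class documented above. It is an added example written for this page, not code shipped with codeql/java-all. The three-argument shape of execTainted (path source, path sink, and the ArgumentToExec at the sink) is assumed from how the shipped ExecTainted.ql uses it, and the @id, @name and alert message are made up for the example; check them against the version you have installed.

```ql
/**
 * @name Command line built from remote user input (added example)
 * @description Reports calls that run an external process with an
 *              argument tainted by remote user input, reusing the shared
 *              configuration from semmle.code.java.security.CommandLineQuery.
 * @kind path-problem
 * @problem.severity error
 * @precision high
 * @id java/example/command-line-injection-via-library
 * @tags security
 *       external/cwe/cwe-078
 */

import java
// Imported from a query file, as the module's documentation requires, so the
// TaintTracking::Configuration it defines does not leak into other queries.
import semmle.code.java.security.CommandLineQuery
// Needed for @kind path-problem queries so the result carries the source-to-sink path.
import DataFlow::PathGraph

// Assumption: execTainted(source, sink, execArg) holds when the module's
// RemoteUserInputToArgumentToExecFlowConfig finds a path from a remote flow
// source (e.g. a servlet request parameter) to `execArg`, an expression used
// as an argument to an external process (e.g. Runtime.exec / ProcessBuilder),
// and `execArg` was not treated as sanitized by the configuration.
from DataFlow::PathNode source, DataFlow::PathNode sink, ArgumentToExec execArg
where execTainted(source, sink, execArg)
select execArg, source, sink, "This command line depends on a $@.", source.getNode(),
  "user-provided value"
```

Two practitioner notes. First, the configuration treats argument lists that it can prove safe (via the helpers in CommandArguments) as sanitized, so a call such as `new ProcessBuilder("ls", "-l", dir)` is only reported if the tainted value lands in a position the library cannot show to be a plain argument; passing user input through `sh -c` with string concatenation is the pattern this catches. Second, when triaging why an expected call is missing from the results, query the configuration directly: `exists(RemoteUserInputToArgumentToExecFlowConfig cfg | cfg.isSink(sink))` lists every recognized sink, and `cfg.isSource(src)` every recognized source, which separates "not modelled as a sink" from "no flow path found".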