Module CommandLineQuery
Provides classes and methods common to queries java/command-line-injection, java/command-line-concatenation and their experimental derivatives.
Do not import this from a library file, in order to reduce the risk of unintentionally bringing a TaintTracking::Configuration into scope in an unrelated query.
Import path
import semmle.code.java.security.CommandLineQuery
Imports
java | Provides all default Java QL imports. |
Predicates
execIsTainted | Implementation of |
Classes
CommandInjectionAdditionalTaintStep | A unit class for adding additional taint steps. |
CommandInjectionSanitizer | A sanitizer for command injection vulnerabilities. |
CommandInjectionSink | A sink for command injection vulnerabilities. |
Modules
InputToArgumentToExecFlowConfig | A taint-tracking configuration for unvalidated user input that is used to run an external process. |
LocalUserInputToArgumentToExecFlowConfig | A taint-tracking configuration for unvalidated local user input that is used to run an external process. |
Aliases
InputToArgumentToExecFlow | Taint-tracking flow for unvalidated input that is used to run an external process. |
LocalUserInputToArgumentToExecFlow | DEPRECATED: Use |
RemoteUserInputToArgumentToExecFlow | DEPRECATED: Use |
RemoteUserInputToArgumentToExecFlowConfig | DEPRECATED: Use |