CodeQL library for Java/Kotlin
codeql/java-all 0.8.12

Module ExternalAPIs

Definitions for reasoning about untrusted data used in APIs defined outside the database.

Import path

import semmle.code.java.security.ExternalAPIs

Imports

FlowSources

Provides classes representing various flow sources for taint tracking.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

java

Provides all default Java QL imports.

Classes

ExternalApiDataNode

A node representing data being passed to an external API.

ExternalApiUsedWithUntrustedData

An external API which is used with untrusted data.

SafeExternalApiMethod

A Method that is considered a “safe” external API from a security perspective.

UntrustedDataToExternalApiConfig

DEPRECATED: Use UntrustedDataToExternalApiFlow instead.

UntrustedExternalApiDataNode

A node representing untrusted data being passed to an external API.

Modules

UntrustedDataToExternalApiConfig

Taint tracking configuration for flow from ThreatModelFlowSources to ExternalApiDataNodes.

Aliases

UntrustedDataToExternalApiFlow

Tracks flow from untrusted data to external APIs.