CodeQL library for Java

Module ExternalAPIs

Definitions for reasoning about untrusted data used in APIs defined outside the database.

Import path

import semmle.code.java.security.ExternalAPIs

Imports

FlowSources

Provides classes representing various flow sources for taint tracking.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

java

Provides all default Java QL imports.

Classes

ExternalAPIDataNode

A node representing data being passed to an external API.

ExternalAPIUsedWithUntrustedData

An external API which is used with untrusted data.

SafeExternalAPIMethod

A Method that is considered a “safe” external API from a security perspective.

UntrustedDataToExternalAPIConfig

A configuration for tracking flow from RemoteFlowSources to ExternalAPIDataNodes.

UntrustedExternalAPIDataNode

A node representing untrusted data being passed to an external API.