Module LdapInjection
Provides classes to reason about LDAP injection attacks.
Import path
import semmle.code.java.security.LdapInjection
Imports
ApacheLdap | Provides classes and predicates for working with the Apache LDAP API. |
Jndi | Provides classes and predicates for working with the Java JNDI API. |
SpringLdap | Provides classes and predicates for working with the Spring LDAP API. |
TaintTracking | Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses. |
UnboundId | Provides classes and predicates for working with the UnboundID API. |
java | Provides all default Java QL imports. |
Classes
LdapInjectionAdditionalTaintStep | A unit class for adding additional taint steps. |
LdapInjectionSanitizer | A sanitizer that prevents LDAP injection attacks. |
LdapInjectionSink | A data flow sink for unvalidated user input that is used to construct LDAP queries. |