CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Module LdapInjection

Provides classes to reason about LDAP injection attacks.

Import path

import semmle.code.java.security.LdapInjection

Imports

ApacheLdap

Provides classes and predicates for working with the Apache LDAP API.

Jndi

Provides classes and predicates for working with the Java JNDI API.

SpringLdap

Provides classes and predicates for working with the Spring LDAP API.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

UnboundId

Provides classes and predicates for working with the UnboundID API.

java

Provides all default Java QL imports.

Classes

LdapInjectionAdditionalTaintStep

A unit class for adding additional taint steps.

LdapInjectionSanitizer

A sanitizer that prevents LDAP injection attacks.

LdapInjectionSink

A data flow sink for unvalidated user input that is used to construct LDAP queries.