Class OgnlInjectionSink
A data flow sink for unvalidated user input that is used in OGNL EL evaluation.
Extend this class to add your own OGNL injection sinks.
Import path
import semmle.code.java.security.OgnlInjection
Direct supertypes
Known direct subtypes
Inherited predicates
asExpr | Gets the expression corresponding to this node, if any. | from Node |
asParameter | Gets the parameter corresponding to this node, if any. | from Node |
getEnclosingCallable | Gets the callable in which this node occurs. | from Node |
getLocation | Gets the source location for this element. | from Node |
getType | Gets the type of this node. | from Node |
getTypeBound | Gets an upper bound on the type of this node. | from Node |
hasLocationInfo | Holds if this element is at the specified location. The location spans column | from Node |
toString | Gets a textual representation of this element. | from Node |