CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Module PartialPathTraversalQuery

Provides taint tracking configurations to be used in partial path traversal queries.

Import path

import semmle.code.java.security.PartialPathTraversalQuery

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

ExternalFlow

INTERNAL use only. This is an experimental API subject to change without notice.

FlowSources

Provides classes representing various flow sources for taint tracking.

PartialPathTraversal

Provides classes to reason about partial path traversal vulnerabilities.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

java

Provides all default Java QL imports.

Classes

PartialPathTraversalFromRemoteConfig

A taint-tracking configuration for unsafe user input that is used to validate against path traversal, but is insufficient and remains vulnerable to Partial Path Traversal.