CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Module QueryInjection

Provides classes to reason about database query language injection vulnerabilities.

Import path

import semmle.code.java.security.QueryInjection

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

Persistence

Provides classes and predicates for working with the JavaEE Persistence API.

java

Provides all default Java QL imports.

Classes

AdditionalQueryInjectionTaintStep

A unit class for adding additional taint steps.

QueryInjectionSink

A sink for database query language injection vulnerabilities.