CodeQL library for Java/Kotlin
codeql/java-all 3.0.1

Module RandomQuery

Provides classes and methods shared by randomness-related queries.

Import path

import semmle.code.java.security.RandomQuery

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

DefUse

Provides classes and predicates for def-use and use-use pairs. Built on top of the SSA library for maximal precision.

RandomDataSource

Defines classes representing random data sources.

java

Provides all default Java QL imports.

Predicates

unsafelySeeded

Holds if the predictable seed source is used to initialise a random-number generator that is then used at use (source and use are the predicate's arguments).

Classes

GetRandomData

A method access calling a method declared on java.security.SecureRandom that returns random data or writes random data to an argument.

PredictableSeedExpr

A constant, a call to a ReturnsPredictableExpr method, or an array initialiser consisting entirely of such expressions.

ReturnsPredictableExpr

A method whose return value is predictable (not necessarily constant).

SecureRandomNumberGenerator

The java.security.SecureRandom class.