Definitions used by
Controlled strings are the opposite of tainted strings. There is positive evidence that they are fully controlled by the program source code.
Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.
A string concatenation that includes a string not known to be programmer controlled.
A query built with a StringBuilder, where one of the items appended is uncontrolled.