Module StackTraceExposureQuery

Provides predicates to reason about exposure of stack-traces.

Import path

import semmle.code.java.security.StackTraceExposureQuery

java	Provides all default Java QL imports.

getMessageFlowsExternally	Holds if there is a call to `getMessage()` that then flows to a servlet response.
printsStackExternally	Holds if `call` writes the data of `stackTrace` to an external stream.
stringifiedStackFlowsExternally	Holds if `stackTrace` is a stringified stack trace which flows to an external sink.