CodeQL library for Java/Kotlin
codeql/java-all 0.11.0

Module TaintedEnvironmentVariableQuery

Modules to reason about the tainting of environment variables.

Import path

import semmle.code.java.security.TaintedEnvironmentVariableQuery

Classes

ExecTaintedEnvironmentSanitizer

A node that acts as a sanitizer in configurations related to environment variable injection.

Modules

ExecTaintedEnvironmentConfig

A taint-tracking configuration that tracks flow from unvalidated data to an environment variable for a subprocess.

Aliases

ExecTaintedEnvironmentFlow

Taint-tracking flow for unvalidated data to an environment variable for a subprocess.