CodeQL library for Java/Kotlin
codeql/java-all 7.8.3-dev (changelog, source)
Index
Search

Module TempDirLocalInformationDisclosureQuery

Provides classes to reason about local information disclosure in a temporary directory.

Import path

import semmle.code.java.security.TempDirLocalInformationDisclosureQuery

Imports

java

Provides all default Java QL imports.

Classes

MethodCallInsecureFileCreateTempFile

An insecure call to java.io.File.createTempFile.

MethodCallInsecureFileCreation

A MethodCall against a method that creates a temporary file or directory in a shared temporary directory.

MethodCallInsecureGuavaFilesCreateTempFile

A call to the com.google.common.io.Files.createTempDir method.

MethodGuavaFilesCreateTempFile

The com.google.common.io.Files.createTempDir method.

Modules

TempDirSystemGetPropertyDirectlyToMkdirConfig

Configuration that tracks calls to to mkdir or mkdirs that are are directly on the temp directory system property. Examples: - File tempDir = new File(System.getProperty("java.io.tmpdir")); tempDir.mkdir(); - File tempDir = new File(System.getProperty("java.io.tmpdir")); tempDir.mkdirs();

TempDirSystemGetPropertyToCreateConfig

A taint tracking configuration tracking the access of the system temporary directory flowing to the creation of files or directories.

Aliases

TempDirSystemGetPropertyDirectlyToMkdir

Taint-tracking flow that tracks calls to to mkdir or mkdirs that are are directly on the temp directory system property. Examples: - File tempDir = new File(System.getProperty("java.io.tmpdir")); tempDir.mkdir(); - File tempDir = new File(System.getProperty("java.io.tmpdir")); tempDir.mkdirs();

TempDirSystemGetPropertyToCreate

Taint-tracking flow which tracks the access of the system temporary directory flowing to the creation of files or directories.