CodeQL library for Java
codeql/java-all 0.5.1 (changelog, source)
Search

Module UnsafeAndroidAccessQuery

Provides taint tracking configurations to be used in Unsafe Resource Fetching queries.

Import path

import semmle.code.java.security.UnsafeAndroidAccessQuery

Imports

FlowSources

Provides classes representing various flow sources for taint tracking.

RequestForgery

Provides classes to reason about server-side request forgery (SSRF) attacks.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

UnsafeAndroidAccess

Provides classes to reason about Unsafe Resource Fetching vulnerabilities in Android.

java

Provides all default Java QL imports.

Classes

FetchUntrustedResourceConfiguration

A taint configuration tracking flow from untrusted inputs to a resource fetching call.