CodeQL library for Java
codeql/java-all 0.6.2 ( changelog , source )
Search

Predicate unsafeDeserialization

Holds if ma is a call that deserializes data from sink.

Import path

import semmle.code.java.security.UnsafeDeserializationQuery
predicate unsafeDeserialization ( MethodAccess ma , Expr sink )