CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Class UnsafeDeserializationSink

A sink for unsafe deserialization.

Import path

import semmle.code.java.security.UnsafeDeserializationQuery

Direct supertypes

Indirect supertypes

Inherited fields

Predicates

getMethodAccess

Gets a call that triggers unsafe deserialization.

Inherited predicates

asExpr

Gets the expression corresponding to this node, if any.

from Node
asParameter

Gets the parameter corresponding to this node, if any.

from Node
getEnclosingCallable

Gets the callable in which this node occurs.

from Node
getExpr

Gets the expression corresponding to this node.

from ExprNode
getLocation

Gets the source location for this element.

from ExprNode
getType

Gets the type of this node.

from Node
getTypeBound

Gets an upper bound on the type of this node.

from Node
hasLocationInfo

Holds if this element is at the specified location. The location spans column startcolumn of line startline to column endcolumn of line endline in file filepath. For more information, see Locations.

from Node
toString

Gets a textual representation of this element.

from ExprNode

Charpred