A dataflow configuration that identifies TransformerFactory and SAXTransformerFactory
instances that have been safely configured.
Import path
import semmle.code.java.security.XmlParsers
Predicates
| fieldFlowBranchLimit |
Gets the virtual dispatch branching limit when calculating field flow. This can be overridden to a smaller value to improve performance (a value of 0 disables field flow), or a larger value to get more results. |
| isSink |
Holds if |
| isSource |
Holds if |