CodeQL library for Java/Kotlin
codeql/java-all 0.9.2-dev (changelog, source)
Index
Search

Module RegexInjectionConfig

A taint-tracking configuration for untrusted user input used to construct regular expressions.

Import path

import semmle.code.java.security.regexp.RegexInjectionQuery

Predicates

isBarrier

Holds if data flow through node is prohibited. This completely removes node from the data flow graph.

isSink

Holds if sink is a relevant data flow sink.

isSource

Holds if source is a relevant data flow source.