CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.13

Module IndirectCommandInjection

Import path

import semmle.javascript.security.dataflow.IndirectCommandInjectionCustomizations

Predicates

argsParseStep

Holds if there is a command-line parsing step from pred to succ. For example: var succ = require("minimist")(pred).

Classes

CommandLineArgumentsArray

An array of command-line arguments.

ParsedCommandLineArgumentsAsSource

An object containing parsed command-line arguments, considered as a flow source for command injection.

Sanitizer

A sanitizer for command-injection vulnerabilities.

Sink

A data flow sink for command-injection vulnerabilities.

Source

A data flow source for command-injection vulnerabilities.

YargsArgv

An array of command-line arguments (argv) parsed by the yargs library.