Module LoopBoundInjection
Import path
import semmle.javascript.security.dataflow.LoopBoundInjectionCustomizations
Imports
TaintedObject |
Provides methods for reasoning about the flow of deeply tainted objects, such as JSON objects parsed from user-controlled data. |
Predicates
hasCrashingArrayAccess |
Holds if there exists an array access indexed by the variable |
isCrashingWithNullValues |
Holds if an exception will be thrown whenever |
loopableLodashMethod |
Holds if |
Classes
ArrayIterationLoop |
A loop that iterates through some array using the |
InstanceofArraySanitizerGuard |
A sanitizer that blocks taint flow if the array is checked to be an array using an |
IsArraySanitizerGuard |
A sanitizer that blocks taint flow if the array is checked to be an array using an |
LengthCheckSanitizerGuard |
A sanitizer that blocks taint flow if the length of an array is limited. |
Sink |
A data flow sink for untrusted user input that is being looped through. |
Source |
A source of objects that can cause DoS if iterated using the .length property. |
TaintedObjectSource |
A source of remote user input objects. |