CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.6.16 (changelog, source)
Index
Search

Module ResourceExhaustion

Provides sources, sinks, and sanitizers for reasoning about resource exhaustion vulnerabilities.

Import path

import semmle.javascript.security.dataflow.ResourceExhaustionCustomizations

Classes

BarrierGuard

A barrier guard for resource exhaustion vulnerabilities.

BufferSizeSink

A node that determines the size of a buffer, considered as a data flow sink for resource exhaustion vulnerabilities.

DenseArraySizeSink

A node that determines the size of an array, considered as a data flow sink for resource exhaustion vulnerabilities. This is only an issue if the argument is a number, which we don’t track precisely.

RemoteFlowSourceAsSource

DEPRECATED: Use ActiveThreatModelSource from Concepts instead!

Sanitizer

A data flow sanitizer for resource exhaustion vulnerabilities.

Sink

A data flow sink for resource exhaustion vulnerabilities.

Source

A data flow source for resource exhaustion vulnerabilities.

StringRepetitionSink

A node that determines the repetitions of a string, considered as a data flow sink for resource exhaustion vulnerabilities.

TimerDurationSink

A node that determines the duration of a timer, considered as a data flow sink for resource exhaustion vulnerabilities.