Module ResourceExhaustion
Provides sources, sinks, and sanitizers for reasoning about resource exhaustion vulnerabilities.
Import path
import semmle.javascript.security.dataflow.ResourceExhaustionCustomizations
Classes
BufferSizeSink | A node that determines the size of a buffer, considered as a data flow sink for resource exhaustion vulnerabilities. |
DenseArraySizeSink | A node that determines the size of an array, considered as a data flow sink for resource exhaustion vulnerabilities. This is only an issue if the argument is a number, which we don’t track precisely. |
RemoteFlowSourceAsSource | A source of remote user input, considered as a data flow source for resource exhaustion vulnerabilities. |
Sanitizer | A data flow sanitizer for resource exhaustion vulnerabilities. |
Sink | A data flow sink for resource exhaustion vulnerabilities. |
Source | A data flow source for resource exhaustion vulnerabilities. |
StringRepetitionSink | A node that determines the repetitions of a string, considered as a data flow sink for resource exhaustion vulnerabilities. |
TimerDurationSink | A node that determines the duration of a timer, considered as a data flow sink for resource exhaustion vulnerabilities. |