Module ResourceExhaustion
Provides sources, sinks, and sanitizers for reasoning about resource exhaustion vulnerabilities.
Import path
import semmle.javascript.security.dataflow.ResourceExhaustionCustomizationsClasses
| BufferSizeSink | A node that determines the size of a buffer, considered as a data flow sink for resource exhaustion vulnerabilities. |
| DenseArraySizeSink | A node that determines the size of an array, considered as a data flow sink for resource exhaustion vulnerabilities. This is only an issue if the argument is a number, which we don’t track precisely. |
| RemoteFlowSourceAsSource | A source of remote user input, considered as a data flow source for resource exhaustion vulnerabilities. |
| Sanitizer | A data flow sanitizer for resource exhaustion vulnerabilities. |
| Sink | A data flow sink for resource exhaustion vulnerabilities. |
| Source | A data flow source for resource exhaustion vulnerabilities. |
| StringRepetitionSink | A node that determines the repetitions of a string, considered as a data flow sink for resource exhaustion vulnerabilities. |
| TimerDurationSink | A node that determines the duration of a timer, considered as a data flow sink for resource exhaustion vulnerabilities. |