CodeQL library for JavaScript
Search

Module ShellCommandInjectionFromEnvironment

Import path

import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironmentCustomizations

Classes

AbsolutePathSource

An absolute path from the local file system, considered as a flow source for command injection.

FileNameSourceAsSource

An file name from the local file system, considered as a flow source for command injection.

Sanitizer

A sanitizer for command-injection vulnerabilities.

ShellCommandSink

A shell command argument.

Sink

A data flow sink for command-injection vulnerabilities.

Source

A data flow source for command-injection vulnerabilities.