CodeQL library for Python
codeql/python-all 2.2.1-dev (changelog, source)
Search

Module LdapInjectionQuery

Provides taint-tracking configurations for detecting LDAP injection vulnerabilities

Note, for performance reasons: only import this file if LdapInjection::Configuration is needed, otherwise LdapInjectionCustomizations should be imported instead.

Import path

import semmle.python.security.dataflow.LdapInjectionQuery

Imports

Concepts

Provides abstract classes representing generic concepts such as file system access or system command execution, for which individual framework libraries provide concrete subclasses.

DataFlow

Provides a library for local (intra-procedural) and global (inter-procedural) data flow analysis: deciding whether data can flow from a source to a sink.

LdapInjection

Provides default sources, sinks and sanitizers for detecting “ldap injection” vulnerabilities, as well as extension points for adding your own.

RemoteFlowSources

Provides an extension point for modeling user-controlled data. Such data is often used as data-flow sources in security queries.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

python

Aliases

LdapInjectionDnFlow

Global taint-tracking for detecting “LDAP injection via the distinguished name (DN) parameter” vulnerabilities.

LdapInjectionFilterFlow

Global taint-tracking for detecting “LDAP injection via the filter parameter” vulnerabilities.

LdapInjectionFlow

Global taint-tracking for detecting “LDAP injection” vulnerabilities.