CodeQL library for Ruby
codeql/ruby-all 5.1.9-dev (changelog, source)
Index
Search

Module CodeInjection::FlowState

Flow states used to distinguish whether an attacker controls the entire string.

Import path

import codeql.ruby.security.CodeInjectionCustomizations

Classes

Full

A flow state used for data that is entirely controlled by the attacker.

State

A flow state used to distinguish whether an attacker controls the entire string.

SubString

A flow state used for normal tainted data, where an attacker might only control a substring.