Flow states used to distinguish whether an attacker controls the entire string.
Import path
import codeql.ruby.security.CodeInjectionCustomizations
Predicates
full | Flow state used for data that is entirely controlled by the attacker. DEPRECATED: Use Full()
|
substring | Flow state used for normal tainted data, where an attacker might only control a substring. DEPRECATED: Use SubString()
|
Classes
Full | A flow state used for data that is entirely controlled by the attacker.
|
State | A flow state used to distinguish whether an attacker controls the entire string.
|
SubString | A flow state used for normal tainted data, where an attacker might only control a substring.
|