CodeQL library for Ruby
codeql/ruby-all 3.0.3-dev (changelog, source)
Search

Module CodeInjection::FlowState

Flow states used to distinguish whether an attacker controls the entire string.

Import path

import codeql.ruby.security.CodeInjectionCustomizations

Classes

Full

A flow state used for data that is entirely controlled by the attacker.

State

A flow state used to distinguish whether an attacker controls the entire string.

SubString

A flow state used for normal tainted data, where an attacker might only control a substring.