Flow states used to distinguish whether an attacker controls the entire string.
Import path
import codeql.ruby.security.CodeInjectionCustomizations
Predicates
| full | Flow state used for data that is entirely controlled by the attacker. DEPRECATED: Use Full()
|
| substring | Flow state used for normal tainted data, where an attacker might only control a substring. DEPRECATED: Use SubString()
|
Classes
| Full | A flow state used for data that is entirely controlled by the attacker.
|
| State | A flow state used to distinguish whether an attacker controls the entire string.
|
| SubString | A flow state used for normal tainted data, where an attacker might only control a substring.
|