CodeQL library for Ruby
codeql/ruby-all 0.8.15-dev

Module CodeInjectionQuery

Provides a taint-tracking configuration for detecting “Code injection” vulnerabilities.

Note, for performance reasons: only import this file if CodeInjectionFlow is needed; otherwise, import CodeInjectionCustomizations instead.

Import path

import codeql.ruby.security.CodeInjectionQuery

Imports

BarrierGuards

Provides commonly used barriers to dataflow.

CodeInjection

Provides default sources, sinks and sanitizers for detecting “Code injection” vulnerabilities, as well as extension points for adding your own.

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

TaintTracking

Classes

Configuration

A taint-tracking configuration for detecting “Code injection” vulnerabilities. DEPRECATED: Use CodeInjectionFlow instead.

Aliases

CodeInjectionFlow

Taint-tracking for detecting “Code injection” vulnerabilities.