CodeQL library for Ruby
codeql/ruby-all 0.8.15-dev

Module RegExpInjection

Provides default sources, sinks and sanitizers for detecting regexp injection vulnerabilities, as well as extension points for adding your own.

Import path

import codeql.ruby.security.regexp.RegExpInjectionCustomizations

Classes

ConstructedRegExpAsSink

The first argument of a call to Regexp.new or Regexp.compile, considered as a flow sink.

RegExpLiteralAsSink

A regexp literal, considered as a flow sink.

RegexpEscapeSanitization

A call to Regexp.escape (or its alias, Regexp.quote), considered as a sanitizer.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

Sanitizer

A data flow sanitizer for regexp injection vulnerabilities.

Sink

A data flow sink for regexp injection vulnerabilities.

Source

A data flow source for regexp injection vulnerabilities.

StringConstArrayInclusionCallAsSanitizer

An inclusion check against an array of constant strings, considered as a sanitizer-guard.

StringConstCompareAsSanitizer

A comparison with a constant string, considered as a sanitizer-guard.
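The following Ruby snippets are an added illustration of the code shapes the classes above match; they are not part of the CodeQL library or its test suite. `user_input` stands in for a remote flow source (for example a Rails `params[:q]` value), and `LOG_LINES` is constructed sample data. The first two functions are deliberately vulnerable so the effect of the injection is visible; the remaining ones show the `Regexp.escape` sanitizer and the two sanitizer-guards.

```ruby
# Constructed sample records that a user is allowed to search.
LOG_LINES = [
  "2024-05-01 INFO  user=alice action=login",
  "2024-05-01 WARN  user=bob   action=login_failed",
  "2024-05-01 ERROR user=carol action=token_refresh",
].freeze

# Sink (ConstructedRegExpAsSink): tainted first argument of Regexp.new.
# Deliberately vulnerable: metacharacters in user_input are interpreted.
def vulnerable_regexp(user_input)
  Regexp.new(user_input)
end

# Sink (RegExpLiteralAsSink): tainted value interpolated into a literal.
# Deliberately vulnerable: an injected "|" hijacks the rest of the pattern.
def vulnerable_literal(user_input)
  /user=#{user_input}\b/
end

# Sanitizer (RegexpEscapeSanitization): Regexp.escape (alias Regexp.quote)
# turns every metacharacter into a literal before the sink.
def escaped_regexp(user_input)
  Regexp.new(Regexp.escape(user_input))
end

# Sanitizer-guard (StringConstArrayInclusionCallAsSanitizer): the sink is
# only reached when user_input equals one of the constant strings.
LEVELS = %w[INFO WARN ERROR].freeze

def level_regexp(user_input)
  return nil unless LEVELS.include?(user_input)
  Regexp.new(user_input)
end

# Sanitizer-guard (StringConstCompareAsSanitizer): the sink is only reached
# when user_input equals a single constant string.
def error_regexp(user_input)
  return nil unless user_input == "ERROR"
  Regexp.compile(user_input)
end

# Helper used by the assertions below: lines matched by the regexp.
def search(lines, re)
  lines.grep(re)
end
```

The interesting cases are the ones where the attacker does not need a catastrophic pattern: `"."` or `"alice|bob|carol"` passed to `vulnerable_regexp` matches every record, and `"alice|"` passed to `vulnerable_literal` turns the whole literal into `/user=alice|\b/`, which also matches everything. After `Regexp.escape` the same inputs match only their literal text, and the two guards refuse anything outside the constant set.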