CodeQL library for Ruby
codeql/ruby-all 0.8.15-dev (changelog, source)

Module RegExpInjectionQuery

Provides a taint-tracking configuration for detecting regexp injection vulnerabilities.

Note: for performance reasons, import this file only if RegExpInjectionFlow is needed; otherwise, import RegExpInjectionCustomizations instead.

Import path

import codeql.ruby.security.regexp.RegExpInjectionQuery

Imports

BarrierGuards

Provides commonly used barriers to dataflow.

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

RegExpInjectionCustomizations

Provides default sources, sinks and sanitizers for reasoning about regexp injection vulnerabilities, as well as extension points for adding your own.

TaintTracking

Classes

Configuration

A taint-tracking configuration for detecting regexp injection vulnerabilities. DEPRECATED: Use RegExpInjectionFlow.

Aliases

RegExpInjectionFlow

Taint-tracking for detecting regexp injection vulnerabilities.