Module Security

Definitions related to security queries. These can be extended for specific code bases.

Import path

semmle.code.cpp.security.Security

Imports

Environment

Reading from the environment, for example with ‘getenv’.

Expr
SecurityOptions

Predicates

argv

The argv parameter to the main function

isProcessOperationArgument

Convenience accessor for SecurityOptions.isProcessOperationArgument

isPureFunction

Convenience accessor for SecurityOptions.isPureFunction

isUserInput

Convenience accessor for SecurityOptions.isUserInput

raisesPrivilege

Convenient accessor for SecurityOptions.raisesPrivilege

sqlArgument

Convenience accessor for SecurityOptions.sqlArgument

userInputArgument

Convenience accessor for SecurityOptions.userInputArgument

userInputReturned

Convenience accessor for SecurityOptions.userInputReturn

Classes

SecurityOptions

Extend this class to customize the security queries for a particular code base. Provide no constructor in the subclass, and override any methods that need customizing.