Class CustomSecurityOptions

Import path

import semmle.code.cpp.security.SecurityOptions

Direct supertypes

Indirect supertypes

Predicates

sqlArgument

An argument to a function that is passed to a SQL server.

userInputArgument

The argument of the given function is filled in from user input.

userInputReturned

The return value of the given function is filled in from user input.

Inherited predicates

charAt

Returns a one-character string containing the character in the receiver at the given index (which ranges from 0 through length minus one)

from string
indexOf

Returns all the offsets at which the given string occurs in the receiver

from string
indexOf

Returns the index of the n’th occurrence of the given string within the receiver, starting at the given offset

from string
isLowercase

Holds when the receiver contains no upper-case letters

from string
isProcessOperationArgument

The argument of the given function is used for running a process or loading a library.

from SecurityOptions
isPureFunction

This predicate should hold if the function with the given name is a pure function of its arguments.

from SecurityOptions
isUppercase

Holds when the receiver contains no lower-case letters

from string
isUserInput

This predicate should hold if the expression is directly computed from user input. Such expressions are treated as sources of taint.

from SecurityOptions
length

Returns the length of the receiver (in UTF-16 code units)

from string
matches

Holds when the receiver matches the pattern. Patterns are matched by case sensitive string matching, and there are two wildcards: _ matches a single character, and % matches any sequence of characters. To match the actual characters _ or % in the pattern, they must be escaped using backslashes. For example, "anythingstring%".matches("%string\\%") holds.

from string
prefix

Returns the substring of the receiver ending at the given offset

from string
raisesPrivilege

This predicate should hold if the expression raises privilege for the current session. The default definition only holds true for some example code in the test suite. This predicate must be extended for a particular code base to be useful.

from SecurityOptions
regexpCapture

When the given regexp matches the entire receiver, returns the substring matched by the given capture group

from string
regexpFind

Returns a substring of the receiver which matches the given regexp. Also returns the offset within the receiver at which the match occurred (occurrenceOffset), and the number of matches which occur at smaller offsets (occurrenceIndex)

from string
regexpMatch

Holds when the given regexp matches the entire receiver

from string
regexpReplaceAll

Returns a copy of the receiver with every substring which matches the given regexp replaced by the replacement

from string
replaceAll

Returns a copy of the receiver with all occurrences of the target replaced by the replacement

from string
splitAt

Returns all of the substrings obtained by splitting the receiver at every occurrence of the argument

from string
splitAt

Returns the n’th substring obtained by splitting the receiver at every occurrence of the argument

from string
substring

Returns the substring of the receiver which starts and ends at the given indices

from string
suffix

Returns the substring of the receiver starting at the given offset

from string
toDate

Returns the date, if any, obtained by parsing the receiver

from string
toFloat

Returns the floating point number, if any, obtained by parsing the receiver

from string
toInt

Returns the integer, if any, obtained by parsing the receiver

from string
toLowerCase

Returns a copy of the receiver with all uppercase characters replaced by lowercase ones

from string
toString

Returns the receiver

from string
toUpperCase

Returns a copy of the receiver with all lowercase characters replaced by uppercase ones

from string
trim

Returns a copy of the receiver with all whitespace removed from the beginning and end of the string (where whitespace is defined as unicode codepoints ‘\u0000’ through ‘\u0020’ inclusive)

from string
userInputReturn

DEPRECATED: Users should override userInputReturned() instead.

from SecurityOptions