Query module UncontrolledFormatString

name: Uncontrolled format string
description: Passing untrusted format strings from remote data sources can throw exceptions and cause a denial of service.
kind: path-problem
problem.severity: error
precision: high
id: cs/uncontrolled-format-string
tags: security external/cwe/cwe-134

Imports

Format

Provides definitions related to string formatting.

Local

Provides classes representing sources of local input.

PathGraph

Provides the query predicates needed to include a graph in a path-problem query.

Remote

Provides classes representing data flow sources for remote user input.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

csharp

The default C# CodeQL library.

Classes