Module ArraySizing

Import path

Security.CWE.CWE-129.ArraySizing

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

DefUse

Provides classes and predicates for def-use and use-use pairs. Built on top of the SSA library for maximal precision.

java

Provides all default Java QL imports.

Predicates

fixedArraySize

If the Array accessed by the ArrayAccess is a fixed size, return the array size.

Classes

BoundedFlowSource

A source of “flow” which has an upper or lower bound.

CheckableArrayAccess

An ArrayAccess for which we can determine whether the index is appropriately bound checked.

NumericLiteralFlowSource

A compile time constant expression that evaluates to a numeric type.

PointlessLoop

A pointless loop, of the type seen frequently in Juliet tests, of the form:

RandomValueFlowSource

Input that is constructed using a Random value.