Module XmlParsers

Provides classes and predicates for modeling XML parsers in Java.

Import path

Security.CWE.CWE-611.XmlParsers

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

DataFlow2

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

DataFlow3

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

DataFlow4

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

DataFlow5

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

java

Provides all default Java QL imports.

Predicates

configAccessExternalDTD

A configuration specific for transformers and schema.

configAccessExternalSchema

A configuration specific for schema.

configAccessExternalStyleSheet

A configuration specific for transformers.

configOptionIsSupportingExternalEntities

An XmlInputFactory specific expression that indicates whether parsing external entities is supported.

configOptionSupportDTD

An XmlInputFactory specific expression that indicates whether DTD is supported.

singleSafeConfig

A general configuration that is safe when enabled.

Classes

ConstructedSAXSource

A call to the constructor of SAXSource with XMLReader and InputSource.

CreatedSafeXMLReader

An XMLReader that is obtained from a safe source.

DocumentBuilder

The class javax.xml.parsers.DocumentBuilder.

DocumentBuilderFactory

The class javax.xml.parsers.DocumentBuilderFactory.

DocumentBuilderFactoryConfig

A ParserConfig specific to DocumentBuilderFactory.

DocumentBuilderParse

A call to DocumentBuilder.parse.

ExplicitlySafeXMLReader

An XMLReader that is explicitly configured to be safe.

ParserConfig

An access to a method use for configuring the parser.

SAXBuilder

The class org.jdom.input.SAXBuilder.

SAXBuilderConfig

A ParserConfig specific to SAXBuilder.

SAXBuilderParse

A call to SAXBuilder.build.

SAXParser

The class javax.xml.parsers.SAXParser.

SAXParserFactory

The class javax.xml.parsers.SAXParserFactory.

SAXParserFactoryConfig

A ParserConfig that is specific to SAXParserFactory.

SAXParserParse

A call to SAXParser.parse.

SAXReader

The class org.dom4j.io.SAXReader.

SAXReaderConfig

A ParserConfig specific to SAXReader.

SAXReaderRead

A call to SAXReader.read.

SAXSource

The class javax.xml.transform.sax.SAXSource

SAXSourceSetReader

A call to the SAXSource.setXMLReader method.

SAXTransformerFactoryNewXMLFilter

A call to SAXTransformerFactory.newFilter.

SafeDocumentBuilder

A DocumentBuilder created from a safely configured DocumentBuilderFactory.

SafeDocumentBuilderFactory

A safely configured DocumentBuilderFactory that is safe for creating DocumentBuilder.

SafeSAXBuilder

A safely configured SAXBuilder.

SafeSAXParser

A SAXParser created from a safely configured SAXParserFactory.

SafeSAXParserFactory

A safely configured SAXParserFactory.

SafeSAXReader

A safely configured SAXReader.

SafeSAXSource

A SAXSource that is safe to use.

SafeSchemaFactory

A safely configured SchemaFactory.

SafeTransformer

A Transformer created from a safely configured TranformerFactory.

SafeTransformerFactory

A safely configured TransformerFactory.

SafeXMLReaderFlowSink
SafeXmlInputFactory

A safely configured XmlInputFactory.

SchemaFactory

The class javax.xml.validation.SchemaFactory.

SchemaFactoryConfig

A ParserConfig specific to SchemaFactory.

SchemaFactoryNewSchema

A call to SchemaFactory.newSchema.

SimpleXMLFormatterCall

A call to the format method of the Formatter.

SimpleXMLNodeBuilderCall

A call to read in NodeBuilder.

SimpleXMLPersisterCall

A call to read or validate in Persister.

SimpleXMLProviderCall

A call to provide in Provider.

Transformer

The class javax.xml.transform.Transformer.

TransformerConfig

An access to a method use for configuring a transformer or schema.

TransformerFactory

The class javax.xml.transform.TransformerFactory or javax.xml.transform.sax.SAXTransformerFactory.

TransformerFactoryConfig

A ParserConfig specific to TransformerFactory.

TransformerFactorySource

A call to Transformer.newTransformer with source.

TransformerTransform

A call to Transformer.transform.

XMLReader

The class org.xml.sax.XMLReader.

XMLReaderConfig

A ParserConfig specific to the XMLReader.

XMLReaderParse

A call to XMLReader.read.

XPathEvaluate

A call to XPathExpression.evaluate.

XPathExpression

The class javax.xml.xpath.XPathExpression.

XmlConstants

The class javax.xml.XMLConstants.

XmlInputFactory

The class javax.xml.stream.XMLInputFactory.

XmlInputFactoryConfig

A ParserConfig specific to XMLInputFactory.

XmlInputFactoryEventReader

A call to XMLInputFactory.createEventReader.

XmlInputFactoryStreamReader

A call to XMLInputFactory.createXMLStreamReader.

XmlParserCall

An abstract type representing a call to parse XML files.

XmlUnmarshal

A call to Unmarshaller.unmarshal.

XmlUnmarshaller

The class javax.xml.bind.Unmarshaller.